Press Releases

Browse our press release archive

04 Nov 2003

Beware the bogus bank email - Sophos warns against financial scam

Users may be clicking on links to bogus banking websites
Users may be clicking on links to bogus banking websites

Sophos technical support has reminded computer users to be wary of bogus emails that pretend to come from online banks. The emails typically ask users to confirm their email address by visiting a website and entering information about their account numbers, passwords and PIN details.

Sophos technical support reports that it has seen an increase in queries from users recently disturbed by the emails they have received, some of which have appeared on first examination extremely official, claiming to come from online banks. Recently bogus emails have claimed to come from a number of banks including Nationwide, NatWest, BarclaysWestpac and Halifax.

Once account numbers, PIN and login password details have been obtained the fraudsters can easily steal money from the innocent user's bank.

"The people behind these emails are common criminals, intent on stealing your cash," said Graham Cluley, senior technology consultant for Sophos. "They have been busy setting up scam websites which mimic the appearance of the real banking sites, and have directed innocent users via email to visit them. Any user who receives a bogus email such as these should inform the bank immediately so that they and the legal authorities can investigate."

Sophos notes that because the fraudsters behind the email do not know what online bank (if any) is being used by the owner of a particular email address they have been spamming thousands of people en masse in the hope of successfully capturing a victim.

The UK National Hi-Tech Crime Unit has said it has stepped up its investigations of scams such as the one described above, but that there is a risk prosecutions could be hampered by inadequate laws in the countries where the scammers operate.

About Sophos

More than 100 million users in 150 countries rely on Sophos as the best protection against complex threats and data loss. Sophos is committed to providing complete security solutions that are simple to deploy, manage, and use and that deliver the industry's lowest total cost of ownership. Sophos offers award-winning encryption, endpoint security, web, email, mobile and network security solutions backed by SophosLabs - a global network of threat intelligence centers.

Sophos is headquartered in Boston, US and Oxford, UK. More information is available at