Here’s an example of something I got today:
This is the best phishing message I’ve seen so far.
The spelling and grammar is pretty spot on except for a couple of areas. I won’t point out the spelling mistake, but it’s pretty obvious.
I know it cannot be legitimate only because I don’t bank with this particular bank, and I also never use this email address that I use for blogging for anything in my personal life.
So what can you do to protect yourself?
Other than the normal don’t give out your email, or send bank information over unsecure channels, here’s a simple way:
If you ever feel that what you receive is a LEGITIMATE message from Paypal or your bank, they always tell you to type the bank’s URL directly into the browser instead of clicking on any links in the emails.
You’d be surprised at how well this email is done. The lingo sounds accurate as Scotia Bank does call their email center a “Communications Centre”, and the email address looks legitimate enough to fool someone who isn’t familiar with the way Scotia Bank emails you.
By the way they actually don’t email you to tell you that you have a message in your centre. They have their own email messages inbox when you sign in and it tells you right on the page.
The only time Scotia Bank (or most other banks) emails you is to send you information about some articles they want you to read or they tell you to type the site URL in your browser and log on.
That way, you can be sure that you’re going to the actual site that the email claims they’re from, and you won’t be sent anywhere else.
Just a girl trying to find a balance between being a Shopaholic and a Saver.
I cleared $60,000 in 18 months earning $65,000 gross/year.
Now I am self-employed, and you can read more about 
Thanks for the tips on staying safe in the world of online banking.
You are right – that was very well written by phishing standards. Interestign how it wasn’t a msg about something being wrong in your account that required you to log on immediately to fix. They had me impressed until “Sincerily”…
Hi there-yes, a great post and thanks for the tips too!
glad you’re covering banking security measures. if you Google the name of your bank you’ll get a valid url in the first search result. bookmark that and use that to access your account. if you get an email from the name of a bank that’s not yours, mark it as spam. they say 2009 will show more sophisticated phishing and security attacks. for more ways to protect yourself and others against hackers and attackers in 2009, check out my recent blog post at: fluxlife: “good news and bad news”.
thanks again FB for helping to raise awareness in this area, and to help us protect ourselves and others!
you rock!
-Steve @ fluxlife
OMG! I can’t believe that there are some people out there that are able to do something bad like this 🙁
I haven’t had one of these beauties yet. I hope when one shows up, I am smart enough to know real from not. Thanks for writing this.
Hmmm…that IS a good letter! I do bank with Scotia, but even if I do receive the odd one which claims to be from Scotia, I delete it.
Thanks for the head’s up!