I actually thought this was legit at first. Of course, as usual if I am not expecting an e-mail from a person then there is a high chance it is simply a phishing scam or spam e-mail. The e-mail was this and it essentially asks you to click on a link to receive a “secure message”:
If we actually look at the source of the e-mail though you can see that it tries to trick you into going to another site:
From – Mon Sep 15 14:22:32 2014
Return-Path: <AmericanExpress@welcome.aexp.com>
Received: (fqmail 26683 invoked from network); 15 Sep 2014 20:14:28 -0000
Received: (qmail 11125 invoked from network); 15 Sep 2014 20:14:23 -0000
Received: from [197.1.220.19] ([197.1.220.19])
Received: from (192.168.1.155) by welcome.aexp.com (197.1.220.19) with Microsoft SMTP Server id 8.0.685.24; Mon, 15 Sep 2014 21:14:25 +0100
Message-ID: <4712099136.NMZ97J33257605.907060@rbc.com>
Date: Mon, 15 Sep 2014 21:14:25 +0100
From:”Justin.Fuentes@rbc.com” <Justin.Fuentes@rbc.com>
Subject: New secure message from RBC Royal Bank
Content-Type: multipart/alternative;
boundary=”————07050800302030306010301″This is a multi-part message in MIME format.
————–07050800302030306010301
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bitYou have received a secure messageThis is an automated message sent by Royal Bank Secure Messaging Server. The link above will only be active until: 09/16/2014 Please click here or follow this link : https://www1.royalbank.com/cgi-bin/rbaccess/rbcgi3m01 Help is available 24 hours a day by email at secure.emailhelp@rbcroyalbank.com If you have concerns about the validity of this message, please contact the sender directly. For questions about Royal Bank’s e-mail encryption service, please contact technical support at 1-800-769-2511. First time users – will need to register before reading the Secure Message. Help – https://mailsafe.rbcroyalbank.com/websafe/help?topic=RegEnvelopeAbout Royal Bank Encryption – https://mailsafe.rbcroyalbank.com/websafe/about © Royal Bank of Canada 2014 Privacy & Security|Legal|Accessibility|Contact Us|Unsubscribe
You have received a secure message
This is an automated message sent by Royal Bank Secure Messaging Server.
The link above will only be active until: 09/16/2014Please click href=”http://melissigorta.com/www6.rbc.com/webapp/ukv0/signin/logon.html”>here or follow this link : href=”http://melissigorta.com/www6.rbc.com/webapp/ukv0/signin/logon.html”>https://www1.royalbank.com/cgi-bin/rbaccess/rbcgi3m01
Help is available 24 hours a day by email at href=”http://melissigorta.com/www6.rbc.com/webapp/ukv0/signin/logon.html”>secure.emailhelp@rbcroyalbank.com
If you have concerns about the validity of this message, please contact the sender directly. For questions about Royal Bank’s e-mail encryption service, please contact technical support at 1-800-769-2511.
First time users – will need to register before reading the Secure Message.
Just delete it if you see this message as they essentially want you to think you are logging in the bank’s site when in reality you will be entering your bank details to a third party site.
2 Comments