Call on Ken

Example: The SunTrust Email

Again this scam was an attempt to get you to reveal security information about your credit card and login and password details.

Superficially it looks credible but there are a few tell-tale clues...

From: SunTrust bank <>
To: ...
Date: Sun, 07 Nov 2004 01:16:27 -0100
Subject: Protect your SunTrust Bank account [Sun, 07 Nov 2004 01:18:27 -0100]

Dear SunTrust Bank client,

Recently there have been a large number of identity theft attempts targetting SunTrust customers. In order to safeguard your account we require that you confirm you banking details (credit card information and login/password for online banking, if you have).

This process is mandatory, and if not completed within the nearest time your account or credit card may be subject to temporary suspension.

To securely confirm you SunTrust Bank details please follow the link.

Thank you for your prompt attention to this matter and thank you for using SunTrust Bank


OK, this one looks suspicious right from the start simply on grounds of grammar! What do "for online banking, if you have", "if not completed within the nearest time" and "To securely confirm you SunTrust Bank details" suggest to you? Real banks may make an occasional small mistake but they don't send out mails which are so inaccurate.

Another unusual thing about this email was that it wasn't simple text but was a picture and if you clicked anwhere in the picture, it tried to take you to the target site. This wasn't the one mentioned in the email, incidentally!

As with all these things, one of the biggest clues is that no bank would ever send out an email of this type! If in doubt, contact your bank yourself or use your favourite search engine and search for "suntrust scam". At the time of writing it returns 3,200 results!

What it really did...

If you did click on the link, or anywhere in the email, it would take you to a perfectly valid looking page. This looks just like a norrmal SunTrust page and all the links and buttons on the page (except fot the login button) will work and go to the real site. The Login button takes your login info and saves it to the scammers server