Lloyds TSB Bank

Discussion in 'Phishing' started by Naruto, Jan 16, 2008.

  1. Naruto

    Naruto Administrator Staff Member

    Return-Path: <message@lloydstsb.co.uk>
    Received: from 84.51.56.110, Turkey, teletektelekom.com
    Reply-To: <message@lloydstsb.co.uk>
    From: "Lloyds TSB Bank plc" <message@lloydstsb.co.uk>
    Subject: You have 1 new Message
    Date: Wed, 16 Jan 2008


    16 jan 2008,

    You have 1 new Message.
    CHECK MESSAGE

    Check out the latest updates about your e-banking service and take a look at these great offers from Lloyds TSB Bank plc.

    Customer Service
    Please do not reply to this message.To contact us by phone, please call the number on the home page.

    Sincerely,
    Lloyds TSB Bank plc Internet Banking.
     
  2. Garreg Ddu

    Garreg Ddu Gweinyddwr Staff Member

    Account detail phishing trap

    A new phishing attempt has emerged for Lloyds TSB online.

    Security Alert‏
    From: Lloyds TSB Bank plc (security@lloydstsb.co.uk)
    The real origin is: Received: from User ([82.128.14.56]) Victoria Island, Lagos, Nigeria
    This message may be a phishing scam. Learn more
    Sent: 14 April 2008 13:04:44
    Reply-to: security@lloydstsb.co.uk
    To:

    Security Alert​
    Please note that Your Lloyds TSB Online Account is about to expire. In order for it to remain active, please Use the link below to proceed and access your account.

    https://online.lloydstsb.co.uk/customer/Login.ibc

    Which is a false link and actually leads to a site in California which has been hacked by a scammer.
     
  3. Garreg Ddu

    Garreg Ddu Gweinyddwr Staff Member

    Oh Dear!

    It looks as though all the scammer's hard work creating the phishing trap came to nothing, as the link in the emails above now gives errors when you try to link through it. ;)
     
  4. Garreg Ddu

    Garreg Ddu Gweinyddwr Staff Member

    Another attempt by the scammers....

    Usual standard of English, spelling and grammar, that is very poor. Checking on the REAL Lloyds TSB security pages it notes that all emails from them to customers always have the last four digits of the current account code and are addressed to the account holder using their proper name. This is a complete scam.

    X-SID-PRA: Security@LLoydstsb.com <Security@LLoydstsb.com>
    Received: from smtp-s4.menara.ma ([81.192.53.76]) by bay0-mc1-f1.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668);
    Fri, 25 Apr 2008 08:49:54 -0700
    Received: from User (unknown [41.251.71.97]) Direction Internet ,division operation, Rabat, Maroc (Morocco)
    by smtp-s4.menara.ma (Menara) with SMTP id 4924F4DC005;
    Fri, 25 Apr 2008 15:29:01 +0000 (WET)


    Reply-To: <Security@LLoydstsb.com>
    From: "Security@LLoydstsb.com"<Security@LLoydstsb.com>
    Subject: LLoyds TSB Customer Service : Secure Your Online Banking
    Date: Fri, 25 Apr 2008 15:49:49 -0000
    To: undisclosed-recipients:;


    Dear LLoyds Tsb Online Account Holder,

    During our usual security enhancement protocol,

    we observed multiple login attempt error while login in to your online lloydstsb account.

    We have believed that someone other than you is trying to access your account

    For security reasons,we have temporarily suspend your account

    and your access to online banking and will be restricted if you fail to update.

    Please click on the refrence below to initiate the verification process. and re-confirm your membership details.


    Trap site link in Russia - Which then does a redirect to: - http://www.de-line.ru/img/custompage/3/update/online.lloydstsb.co.uk/ which does the nasty stuff.

    Lloyds TSB Customer Service
     
  5. Garreg Ddu

    Garreg Ddu Gweinyddwr Staff Member

    The scammers work was all in vain, the site is dead without a gain.

    Quiet for a while, but now one from Korea...

    Received: from KHKSSERVER.khks.local ([71.94.216.14]) by bay0-mc8-f9.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668);
    Tue, 1 Jul 2008 11:17:08 -0700
    Received: from User ([221.145.135.71]) by KHKSSERVER.khks.local with Microsoft SMTPSVC(6.0.3790.3959);
    Tue, 1 Jul 2008 11:11:52 -0700
    [221.145.135.71] = (ju)painseutonkeonteurikeulreob , Songsan-myeon, Dangjin-gun, Chungcheongnam-do, 343-830, KOREA
    Reply-To: <Service@Security.lloydstsb.com>
    From: "LLoydsTsb Notice"<Service@Security.lloydstsb.com>
    Subject: IMPORTANT NOTIFICATION : Your Account Will Be Suspended
    Date: Wed, 2 Jul 2008 03:17:08 +0900

    Dear Valued Customer,

    - Our new security system will help you to avoid unauthorized access to your account and keep your investment safe.

    - Due to technical maintenance we need you to reactivate your account.

    Please click the link below to proceed

    https online lloydstsb co uk customer ibc Which is a hidden link to another site, already found and deactivated by the ISP host.

    We appreciate your bunsiness.It's truly our pleasure to serve you.

    Lloyds TSB Customer Service

    Programs and data held on this system belong or are licensed to Lloyds TSB Bank plc and Lloyds TSB Scotland plc. It is an offence to access the programs and data unless you are doing so through your own account using the Passwords and User ID issued to you by Lloyds TSB Bank plc and Lloyds TSB Scotland plc in an authorised manner and in accordance with all applicable laws.

    v <-- Notice the scammer's HTML error - a trailing "buffer" character left behind from a previous message.
     
  6. ErnestTBass

    ErnestTBass Ninja

    The lads must really be working with Lloyds banking institution's

    Just had this fake bank suspended a day ago

    www.lloydsich-online.net

    you folks are doing an awesome job here at AFI
     
  7. Ted

    Ted Emeritus

    Lloyds TSB.

    Boy do these lads have big gonads! Oh, my...


    Return-Path: <service@lloydstsb.co.uk>
    Received: from smtp20.orange.fr ([80.12.242.26])
    by fipmb01 with ESMTP;
    Reply-To: <service@lloydstsb.co.uk>
    From: "Lloyds TsB" <service@lloydstsb.co.uk>
    Subject: Lloyds TsB - Please Reconfirm Your Account Access !!!
    Date: Mon, 18 Aug 2008


    Dear Customer,

    Lloyds TSB has been receiving complaints from our customers for unauthorised use of the Lloyds TSB Online accounts. As a result we are making an extra security check on all of our Customers account in order to protect their information from theft and fraud.

    Due to this, you are requested to follow the provided steps and confirm your Online Banking details for the safety of your Accounts. Please Click Here To Start .

    However, Failure to do so may result in temporary account suspension. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.

    Thanks for your co-operation.

    Fraud Prevention Unit
    Legal Advisor
    Lloyds TSB.

    --------------------------------------------------------------------------------
    Accounts Management As outlined in our User Agreement, Lloyds TSB (r) will periodically send you information about site changes and enhancements.

    Please do not reply to this e-mail. Mail sent to this address cannot be answered.
     
  8. Garreg Ddu

    Garreg Ddu Gweinyddwr Staff Member

    Received: from User (adsl-070-147-019-083.sip.mia.bellsouth.net [70.147.19.83]) by mwinf2013.orange.fr (SMTP Server) with ESMTP id 2D27D1C000B8; Wed, 27 Aug 2008 12:22:02 +0200 (CEST)

    Origin IP Address = 70.147.19.83 = BellSouth.net Inc., 575 Morosgo Drive, Atlanta, GA 30324, US

    Reply-To: <alert@LloydsTSB.co.uk>
    From: "Security Alert Lloyds TSB" <alert@LloydsTSB.co.uk>
    Subject: Security alert Online Access Suspended
    Date: Wed, 27 Aug 2008 06:21:46 -0400
    To: undisclosed-recipients:;
    Return-Path: alert@LloydsTSB.co.uk


    personal & business account



    Security Alert



    Please note that Your Lloyds TSB Online Account is about to expire. In order for it to remain active, please Use the link below to proceed and access your account.
    https online lloydstsb co uk customer Login.ibc
    Whic has hidden re-direct to the criminals page. The link has been removed by the host ISP already
     
  9. Ted

    Ted Emeritus

    Lloyds TSB -No-Name

    Return-Path: <service@securiter.fr>
    Received: from User (adsl196-202-200-206-196.adsl196-7.iam.net.ma [196.206.200.202])
    by mwinf2003.orange.fr (SMTP Server) with ESMTP id DC1281C0009B;
    Reply-To: <service@securiter.fr>
    From: "Lloyds TSB Bank Plc" <service@securiter.fr>
    Subject: Lloyds TsB - Please Reconfirm Your Account Access !!!
    Date: Thu, 4 Sep 2008


    Dear Customer,

    Lloyds TSB has been receiving complaints from our customers for unauthorised use of the Lloyds TSB Online accounts. As a result we are making an extra security check on all of our Customers account in order to protect their information from theft and fraud.

    Due to this, you are requested to follow the provided steps and confirm your Online Banking details for the safety of your Accounts. Please Click Here To Start .

    However, Failure to do so may result in temporary account suspension. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.

    Thanks for your co-operation.


    Fraud Prevention Unit
    Legal Advisor
    Lloyds TSB.


    --------------------------------------------------------------------------------
    Accounts Management As outlined in our User Agreement, Lloyds TSB (r) will periodically send you information about site changes and enhancements.

    Please do not reply to this e-mail. Mail sent to this address cannot be answered.
     
  10. Garreg Ddu

    Garreg Ddu Gweinyddwr Staff Member

    Received: from web32.extendcp.co.uk ([79.170.40.32]) by bay0-mc10-f15.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668); Sun, 7 Sep 2008 22:24:51 -0700

    Origin IP Address = 79.170.40.32 = Heart Internet Network, 2 Castle Quay, Castle Boulevard, Nottingham. NG7 1FW. abuse@heartinternet.co.uk

    Received: from web32.extendcp.co.uk (web32.extendcp.co.uk [127.0.0.1]) by web32.extendcp.co.uk (8.13.1/8.13.1) with ESMTP id m880BFof020023 for ~********@hotmail.com>; Mon, 8 Sep 2008 01:11:15 +0100
    Received: (from squirtinternet.com@localhost) by web32.extendcp.co.uk (8.13.1/8.13.1/Submit) id m880BFoQ020022; Mon, 8 Sep 2008 01:11:15 +0100
    Date: Mon, 8 Sep 2008 01:11:15 +0100
    Message-Id: ~200809080011.m880BFoQ020022@web32.extendcp.co.uk>

    From: info@hi5.com
    Sent: Monday, September 08, 2008 1:11 AM
    To: ********@hotmail.com
    Subject: Dear Costumer a LLOYDSTSB Bank we have a plan for you




    Dear Customer,
    Lloyds TSB has been receiving complaints from our customers for unauthorised use of the Lloyds TSB Online accounts. As a result we are making an extra security check on all of our Customers account in order to protect their information from theft and fraud.


    Due to this, you are requested to follow the provided steps and confirm your Online Banking details for the safety of your Accounts. Please Click Here To Start . Link disabled for security!

    However, Failure to do so may result in temporary account suspension. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.


    Thanks for your co-operation.


    Fraud Prevention Unit
    Legal Advisor
    Lloyds TSB.


    Accounts Management As outlined in our User Agreement, Lloyds TSB (r) will
    periodically send you information about site changes and enhancements.
    Please do not reply to this e-mail. Mail sent to this address cannot be answered.
     
  11. Garreg Ddu

    Garreg Ddu Gweinyddwr Staff Member

    Grateful thanks to ISP - Heart Internet

    Heart Internet have responded to this post by closing down the scammer's accounts! :rofl:
     
  12. Garreg Ddu

    Garreg Ddu Gweinyddwr Staff Member

    The scammers work was all in vain, his site is dead and down the drain...

    :D It seems there may be a problem with the criminal's "Phishing" site in post #12 as it doesn't seem to work any more! ;) It had been flagged by McAfee SiteAdvisor and the "Phish Tank" and seems to have disappeared.
     
  13. Garreg Ddu

    Garreg Ddu Gweinyddwr Staff Member

    And another new one!

    X-Message-Delivery: Vj0zLjQuMDt1cz0wO2w9MDthPTA=
    X-Message-Status: n:0
    X-SID-PRA: Lloyds TSB <Customers@service.com>
    X-Message-Info: ysLeRTxWe9xIikARe7/4OePm5PhdJvPjHIs4aVkX9FwUv9Z5ZVR9MAXXMiY8qSbYnX7cbu1mY7xChwZhMxtimQ==
    Received: from anchor-post-36.mail.demon.net ([194.217.242.86]) by bay0-mc8-f20.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668); Tue, 9 Sep 2008 03:02:24 -0700
    Received: from gafferjf.demon.co.uk ([80.177.2.206] helo=User) by anchor-post-36.mail.demon.net with smtp (Exim 4.67) id 1Kd03C-0002wE-Lh; Tue, 09 Sep 2008 10:02:22 +0000

    Oriigtin IP Address = 80.177.2.206 = Demon Hostmaster Group, Thus plc., Gateway House, 322 Regents Park Road, Finchley, N3 2QQ London, UNITED KINGDOM

    Reply-To: <Customers@service.com>
    From: "Lloyds TSB"<Customers@service.com>
    Subject: Unlock Your Lloyds Account
    Date: Tue, 9 Sep 2008 11:02:22 +0100
    Bcc:
    Return-Path: Customers@service.com


    From: Lloyds TSB
    Sent: Tuesday, September 09, 2008 11:02 AM
    Subject: Unlock Your Lloyds Account




    Account Locked !

    Dear Lloyds TSB Member,

    Due to the number of incorrect login attempts, your Lloyds TSB Account has been locked for your security. This has been done to secure your accounts and to protect your private information in case the login attempts were not done by you..
    At Lloyds TSB Bank we care about your security so, for your protection we are proactively notifying you of this activity.

    If you did not trigger this lockout, follow this link to Log on to your Lloyds TSB Online Account :

    Click here to unlock your account Link is disabled as it is still working. Reported to McAfee SiteAdvisor and in the "Phish Tank"


    Thank you for your prompt attention to this matter.

    We apologize for any inconvenience.



    Thank you for using Lloyds TSB!
    Please do not reply to this e-mail. Mail sent to this address cannot be answered.
     
  14. Garreg Ddu

    Garreg Ddu Gweinyddwr Staff Member

    This one is from a criminal in Germany!

    Received: from cg-p00-ob.rzone.de ([81.169.146.192]) by bay0-mc6-f3.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668); Wed, 17 Sep 2008 17:01:16 -0700

    Origin IP Address = 81.169.146.192 = Cronon AG, Pascalstrasse 10, D-10587 Berlin, Germany

    Date: Wed, 17 Sep 2008 23:49:15 GMT
    To: ********@hotmail.com
    Subject: Dear Costumer Lloyds TSB has been receiving complaints from our customers for unauthorised use of the Lloyds TSB Online accounts.
    From: Lloyds TSB <new@lloydstsb.com>
    Reply-To: new@lloydstsb.com
    Return-Path: postmaster+1187947@post.webmailer.de

    Dear Customer,


    Lloyds TSB has been receiving complaints from our customers for unauthorised use of the Lloyds TSB Online accounts. As a result we are making an extra security check on all of our Customers account in order to protect their information from theft and fraud.


    Due to this, you are requested to follow the provided steps and confirm your Online Banking details for the safety of your Accounts. Please Click Here To Start. Hidden link to a site in Germay - disabled as still active

    However, Failure to do so may result in temporary account suspension. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.



    Thanks for your co-operation.



    Fraud Prevention Unit
    Legal Advisor
    Lloyds TSB.


    --------------------------------------------------------------------------------
    Accounts Management As outlined in our User Agreement, Lloyds TSB (r) will
    periodically send you information about site changes and enhancements.

    Please do not reply to this e-mail. Mail sent to this address cannot be answered.

    The "Phish" has been put on McAfee SiteAdvisor and is in the "PhishTank".
     
  15. Garreg Ddu

    Garreg Ddu Gweinyddwr Staff Member

    Another one!

    Different addresses, "hacked" site and names.


    Received: from mail10.syd.optusnet.com.au ([211.29.132.191]) by bay0-mc5-f13.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668); Thu, 18 Sep 2008 11:32:20 -0700
    Received: from User (81.199.184.242.satcom-systems.net [81.199.184.242] (may be forged)) (authenticated sender mangrove@optusnet.com.au) by mail10.syd.optusnet.com.au (8.13.1/8.13.1) with ESMTP id m8IIM54k011204; Fri, 19 Sep 2008 04:22:42 +1000

    Origin IP Address = 81.199.184.242 = Sky2Net, United Kingdom, hosting for: CALL TELECOM, RUE SEBASTIEN ESSOMBA, YAOUNDE, CAMEROON


    Message-Id: <200809181822.m8IIM54k011204@mail10.syd.optusnet.com.au>
    Reply-To: <customer_dpt@www.lloydstsb.com>
    From: "the Lloyds TSB Online"<customer_dpt@www.lloydstsb.com>
    Subject: Confirm your Online Banking details for the safety of your Accounts
    Date: Thu, 18 Sep 2008 11:25:44 -0700
    Bcc:
    Return-Path: customer_dpt@www.lloydstsb.com




    Dear Customer,


    Lloyds TSB has been receiving complaints from our customers for unauthorised use of the Lloyds TSB Online accounts. As a result we are making an extra security check on all of our Customers account in order to protect their information from theft and fraud.


    Due to this, you are requested to follow the provided steps and confirm your Online Banking details for the safety of your Accounts. Please Click Here To Start .


    However, Failure to do so may result in temporary account suspension. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.



    Thanks for your co-operation.



    Fraud Prevention Unit
    Legal Advisor
    Lloyds TSB.


    --------------------------------------------------------------------------------
    Accounts Management As outlined in our User Agreement, Lloyds TSB (r) will periodically send you information about site changes and enhancements.

    Please do not reply to this e-mail. Mail sent to this address cannot be answered.

    The "Phishing" link is disabled as the site is still active.
     
  16. Garreg Ddu

    Garreg Ddu Gweinyddwr Staff Member

    Received: from User (adsl196-172-106-206-196.adsl196-4.iam.net.ma [196.206.106.172]) by mwinf2112.orange.fr (SMTP Server) with ESMTP id 171911C00082; Sun, 21 Sep 2008 13:56:00 +0200 (CEST)

    Origin IP Address = 196.206.106.172 = Oumlil Aniss, Direction Internet , division operation Rabat, Maroc (MOROCCO)

    Reply-To: <onlineservice@lloydstsb.com>
    From: "Lloyds TSB" <onlineservice@lloydstsb.com>
    Subject: LloydsTSB Internet Banking Authorize Your Login -- Code: 6771 .
    Date: Mon, 22 Dec 2008 07:53:33 +0100
    To: undisclosed-recipients:;
    Return-Path: onlineservice@lloydstsb.com



    Dear Lloyds TSB Customers .

    Due to concerns, for the safety and integrity of the Lloyds TSB account we have issued this warning message.

    It has come to our attention that your Lloyds TSB account information needs to be restore as part of our continuing commitment to protect your account in this year 2007 and to reduce the instance of fraud on our website. If you could please take 5-10 minutes out of your online experience and restore your personal records you will not run into any future problems with the online service.

    Once you have restore your account records your Lloyds TSB account service will not be interrupted and will continue as normal.

    To restore your Lloyds TSB records click on the following link:

    Restore Your Lloyds TSB Account Access. Link is still active so disabled here for safety.

    Thank You.
    Accounts Management As outlined in our User Agreement, Lloyds TSB will periodically send you information about site changes and enhancements.




    Yours sincerely


    Anita Hockin,
    Head of Internet, Lloyds TSB



    Please do not reply to this e-mail. Mail sent to this address cannot be answered.



    Lloyds TSB Bank plc and Lloyds TSB Scotland plc are authorised and regulated by the Financial Services Authority and signatories to the Banking Codes. FSA authorisation can be checked on the FSA’s Register at: www.fsa.gov.uk/register. Lloyds TSB Bank plc and Lloyds TSB Scotland plc are members of the Financial Services Compensation Scheme and the Financial Ombudsman Service. Lloyds TSB Group plc.
    Lloyds TSB are unable to respond to replies sent to this email address.
     
  17. Mr. Roboto

    Mr. Roboto Administrator

    Irregular Check Card Activity

    Dear Sir/Madam:

    More...

    Apparent Sender: Lloyds TSB
    Return Address: <jamesbo@ yahoo.com>
    Location: 91.121.50.204, France, OVH SAS, abuse report to [abuse@ovh.net]
     
  18. Garreg Ddu

    Garreg Ddu Gweinyddwr Staff Member

    Received: from smtp2b.orange.fr ([80.12.242.145]) by bay0-mc5-f23.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668); Sun, 28 Sep 2008 04:44:03 -0700
    Received: from smtp21.orange.fr (mwinf2110 [10.232.7.38]) by mwinf2b10.orange.fr (SMTP Server) with ESMTP id AA0F11D9FA0F; Sat, 27 Sep 2008 21:49:13 +0200 (CEST)
    Received: from smtp21.orange.fr (mwinf2107 [10.232.7.35]) by mwinf2110.orange.fr (SMTP Server) with ESMTP id A107C1C00081; Sat, 27 Sep 2008 21:49:13 +0200 (CEST)
    Received: from User (mail.kivc.biz [193.34.9.107]) by mwinf2107.orange.fr (SMTP Server) with ESMTP id C3BF61C000A2; Sat, 27 Sep 2008 21:49:05 +0200 (CEST)

    Origin IP Address = 193.34.9.107 = Nlink LLC, 21/2, Ostrovskogo str., Ryazan, 390035, Russia

    From: "Lloyds TSB" <security@llodystsb.com>
    Subject: Account Locked !
    Date: Sat, 27 Sep 2008 23:49:13 +0400
    To: undisclosed-recipients:;
    Return-Path: security@llodystsb.com


    Dear Customer,


    Lloyds TSB has been receiving complaints from our customers for unauthorised use of the Lloyds TSB Online accounts. As a result we are making an extra security check on all of our Customers account in order to protect their information from theft and fraud.


    Due to this, you are requested to follow the provided steps and confirm your Online Banking details for the safety of your Accounts. Please Click Here To Start . Link disabled.


    However, Failure to do so may result in temporary account suspension. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.



    Thanks for your co-operation.



    Fraud Prevention Unit
    Legal Advisor
    Lloyds TSB.


    --------------------------------------------------------------------------------
    Accounts Management As outlined in our User Agreement, Lloyds TSB (r) will
    periodically send you information about site changes and enhancements.

    Please do not reply to this e-mail. Mail sent to this address cannot be answered.
     
  19. Garreg Ddu

    Garreg Ddu Gweinyddwr Staff Member

    Received: from drmvps.vit.com.tr ([79.171.18.229]) by bay0-mc6-f19.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668); Thu, 2 Oct 2008 00:25:00 -0700
    Received: from apache by drmvps.vit.com.tr with local (Exim 4.67) (envelope-from <safirweb@safirpc.com>) id 1KlPym-0004MS-To for ********@hotmail.com; Thu, 02 Oct 2008 11:20:36 -0400
    To: ********@hotmail.com
    Subject: Lloyds TSB has been receiving complaints from our customers for unauthorised use of the Lloyds TSB Online accounts.
    X-PHP-Script: safirpc.com/images/skod.php for 81.192.167.129

    Origin IP Address = 81.192.167.129 = Direction Internet ,division operation, Rabat, Maroc

    From: Lloyds TSB <noreply@Lioydstsb.co.uk>
    Reply-To:
    Date: Thu, 02 Oct 2008 11:20:36 -0400
    Return-Path: safirweb@safirpc.com

    Dear Customer,
    Lloyds TSB has been receiving complaints from our customers for unauthorised use of the Lloyds TSB Online accounts. As a result we are making an extra security check on all of our Customers account in order to protect their information from theft and fraud.


    Due to this, you are requested to follow the provided steps and confirm your Online Banking details for the safety of your Accounts. Please Click Here To Start . Link still live so disabled.

    However, Failure to do so may result in temporary account suspension. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.
    Thanks for your co-operation.
    Fraud Prevention Unit
    Legal Advisor
    Lloyds TSB.

    Accounts Management As outlined in our User Agreement, Lloyds TSB (r) will
    periodically send you information about site changes and enhancements.
    Please do not reply to this e-mail. Mail sent to this address cannot be answered.

    The link is flagged by McAfee Siteadvisor as a "Phishing" trap.
     
  20. Garreg Ddu

    Garreg Ddu Gweinyddwr Staff Member

    Received: from smtp2b.orange.fr ([80.12.242.145]) by bay0-mc2-f10.bay.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668); Wed, 1 Oct 2008 14:34:27 -0700
    Received: from smtp20.orange.fr (mwinf2020 [172.22.130.120]) by mwinf2b15.orange.fr (SMTP Server) with ESMTP id 089641CABA56; Wed, 1 Oct 2008 01:03:00 +0200 (CEST)
    Received: from smtp20.orange.fr (mwinf2023 [172.22.130.123]) by mwinf2020.orange.fr (SMTP Server) with ESMTP id 725E01D58443; Tue, 30 Sep 2008 17:45:33 +0200 (CEST)
    Received: from User (adsl196-138-90-206-196.adsl196-3.iam.net.ma [196.206.90.138]) by mwinf2023.orange.fr (SMTP Server) with ESMTP id 6A86B1C00115; Tue, 30 Sep 2008 17:45:24 +0200 (CEST)

    Origin IP Address = 196.206.90.138 = Office National des Postes et Telecommunications, Direction Internet, division operation, Rabat, Maroc

    Reply-To: <onlineservice@lloydstsb.com>
    From: "loydsTSB" <onlineservice@lloydstsb.com>
    Subject: LloydsTSB Internet Banking Authorize Your Login -- Code: 6771 .
    Date: Wed, 31 Dec 2008 11:42:35 +0100
    To: undisclosed-recipients:;
    Return-Path: onlineservice@lloydstsb.com


    From: loydsTSB
    Sent: Wednesday, December 31, 2008 11:42 AM
    To: undisclosed-recipients:
    Subject: LloydsTSB Internet Banking Authorize Your Login -- Code: 6771 .




    Dear Customer,


    Lloyds TSB has been receiving complaints from our customers for unauthorised use of the Lloyds TSB Online accounts. As a result we are making an extra security check on all of our Customers account in order to protect their information from theft and fraud.


    Due to this, you are requested to follow the provided steps and confirm your Online Banking details for the safety of your Accounts. Please Click Here To Start. Link site dead already.

    However, Failure to do so may result in temporary account suspension. Please understand that this is a security measure intended to help protect you and your account. We apologize for any inconvenience.



    Thanks for your co-operation.



    Fraud Prevention Unit
    Legal Advisor
    Lloyds TSB.


    --------------------------------------------------------------------------------
    Accounts Management As outlined in our User Agreement, Lloyds TSB (r) will
    periodically send you information about site changes and enhancements.

    Please do not reply to this e-mail. Mail sent to this address cannot be answered.
     

Share This Page