TCF Bank Account Phishing Redux

Last Tuesday, October 19th, another mass email went out to University of Minnesota students attempting to trick gullible students into giving up their TCF bank online login credentials. This is the second of such I have received in the past two months. This time the message was about the same, pointing to a different compromised site. As before, I am posting the message for the world to see.

Dear TCF Bank Customer,

We have noticed unusual activity in some of our customers accounts and 3rd-party access to Online Banking. Because our customers security is our main priority, we request you to verify your account and confirm you are the owner. Validating your account will require about 3 minutes of your time.

To access the activation form click on the following link:

Click here to access your account

Once you have verified and confirmed your account, you can continue using our services as usual.

Elizabeth G. Hayes,
Security Executive,
TCF Bank.

Do people actually fall for this? While it is not verbatim of the previous attempt, it is very similar (to the point anti spam filters should have blocked it). By the time I actually read the email, the compromised site was already cleaned up. There has been an improvement since the last mass phishing attempt, the “U” now provides spam assassin for the central email accounts, you just have to enable it.

And, just a side thought here, why do we still allow BCC to exist in its current form? If we automatically trashed all BCCs from an external network (or not from our address book/contacts list, or from a pre approved sender list), spam like this would have one less avenue to reach our inboxes.

-John Havlik

[end of transmission, stay tuned]