Online scammers keep a busy schedule and the familiar online banking scam is making the rounds again.
An email titled “Your AIB Code Card is about to expire.” is finding its way to Irish mailboxes, coming from spoofed email addresses like alert@aib.ie or accounts@aibonline.org.
The content looks formal and says:
Dear Customer, Your AIB Code Card is about to expire. You are kindly advised to follow the instructions below. The update form is attached to this email. Please download the attachment, open it, and follow the instructions on your screen. The data submitted will be transmitted over an SSL encrypted connection (128 bit Secure Socket Layer).
Experience with such scams should have taught users not to click on any attachments or links in emails, as these may be infected with malware. Those who still do are taken to this screen:

The fake form is made to look like the official AIB site, with the logo, colours and fonts matching the original. But unlike on the official site, the scammer’s victim is asked to enter ALL their details, including the registration number, personal access code and all the code card digits. Unless every field is filled out, the “continue” button keeps reminding the victim that each one must be entered. After everything is filled in (with fake data in our test case), the victim is redirected to the official AIB site. Unseen to the victim is, of course, the part where their personal codes are all sent to the scammers’ database for them to exploit at will. Just imagine the damage someone could do to your account if they had all this information.
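A mail filter or help desk can check an HTML attachment for the two traits described above: credential fields submitted to a host that is not the bank's, and a request for many code card values at once. The sketch below is an added example, not code from ESET or AIB; the trusted-domain list, the field-name keywords, the threshold and the sample form are all assumptions made for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED_HOSTS = {"aib.ie"}   # assumption: domains the bank really uses
MAX_CODE_FIELDS = 2          # assumption: a real login asks for few card codes

class FormAudit(HTMLParser):
    """Collect every <form> action and the (name, type) of its inputs."""
    def __init__(self):
        super().__init__()
        self.forms = []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self.forms.append({"action": a.get("action") or "", "inputs": []})
        elif tag == "input" and self.forms:
            self.forms[-1]["inputs"].append(
                ((a.get("name") or "").lower(), (a.get("type") or "text").lower()))

def is_trusted(host):
    """True only for a trusted domain or a subdomain of it."""
    host = (host or "").lower()
    return any(host == t or host.endswith("." + t) for t in TRUSTED_HOSTS)

def audit_attachment(html):
    """Return findings for an HTML attachment; an empty list means no flags."""
    parser = FormAudit()
    parser.feed(html)
    findings = []
    for form in parser.forms:
        host = urlparse(form["action"]).hostname
        # Field-name keywords are assumptions about how such a form is built.
        secrets = [n for n, t in form["inputs"]
                   if t == "password" or any(k in n for k in ("pac", "code", "reg"))]
        codes = [n for n, _ in form["inputs"] if "code" in n]
        if secrets and not is_trusted(host):
            findings.append(f"credentials sent to untrusted host: {host}")
        if len(codes) > MAX_CODE_FIELDS:
            findings.append(f"asks for {len(codes)} code card values at once")
    return findings

# Constructed sample resembling the form described above (not the real attachment).
SAMPLE = """<form action="http://collector.example/save.php" method="post">
<input name="reg_number"><input name="pac" type="password">
<input name="code1"><input name="code2"><input name="code3"><input name="code4">
<input type="submit" value="continue"></form>"""

if __name__ == "__main__":
    for finding in audit_attachment(SAMPLE):
        print(finding)
```

The same is_trusted check rejects the lookalike sender domain aibonline.org mentioned earlier, because it matches only aib.ie and its subdomains.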
AIB themselves are well aware of the threat and have posted a clear warning against falling for these tricks on their website.

On their website they offer several tips on staying safe:
DO contact us if you receive a fraudulent email.
DO check the last Log In time and date when logging in to Internet Banking.
DO contact us if you see any suspicious activity when using Internet Banking.
DO NOT respond to an unsolicited email asking you to click on a link.
DO NOT click ANY links or open ANY attachments within any email purporting to be from AIB, First Trust Bank or Allied Irish Bank (GB).
DO NOT give out ANY personal or security details including your Personal Access Code (PAC) or codes from your Code Card.
They also have a whole report of all fraudulent activities targeting their bank that they’re aware of, ranging from mails like these to fake phone calls and text scams. Read it here.
Stay safe online and think before you click!
Urban Schrott
IT Security & Cybercrime Analyst
ESET Ireland
Just to confirm that our account has just been scammed using this exact fraud for Euros 10,000 yesterday.
I am, however, surprised that normal bank security measures do not link up to the IP address of the Fraud user and stop the transaction from being authorised until an oral phone confirmation is done to the account holder.
I know that with similar accounts in the USA, a requested transfer from an unusual location is, as standard, not completed until orally confirmed with the account holder.
It is quite sickening how easily done.