Dear Natwest bank, phishing spam is killing your brand.


Dear Natwest bank, phishing spam is killing your brand.


Dear NatWest bank, I was never your customer.

Spam pretending to be from Natwest bank, rambling on with mindnumbing phrases like: "security and confidentiality are at the heart of Natwest Bankline. Your data (and your money) is protected by a number of technologies, including Secure Sockets Layer (SSL) encryption." then asking me to:"Please login to Natwest online banking using the link below and follow the instructions on the screen." ensures that I will never be your customer, even if I did move back to the UK.

These spams are really beginning to piss me off. Last week alone, I received exactly 467 of these stupid Natwest spams. And it hit me. Phishing spams kill brands. I could never trust a bank that allow their name to be abused in such a way.

So where is the IT-brand-brigade, whose job it is to ensure that the brand isn't sullied by internet bullies? To busy commenting on blogs and youtube I assume - I've seen so many "brand managing" tactics go that route. Stopping spam like these should be part of the online brand managing gig as well. Heck, get together with a bunch of other large banks, and form a taskforce that works on stopping all forms of phishing attempts and use that in your brand communication and I might even begin to trust banks again.


oh fer cryin' out loud! I had just posted that when I received this in my inbox:

Date: Mon, 30 Jun 2008 08:52:00 +0200
From: National Westminster Bank Plc [email protected]
To: Dabitch
Subject: NatWest Bank reminder: confirm your NatWest Bank client details! -Sun, 29 Jun 2008 23:50:10 -0800

Dear customer of NatWest bank,

We are running a scheduled maintenance on our servers. We want to make sure your money and your personal details are safe and secure.
Due to new security policies all NatWest bank customers must complete the Natwest Customer Form.

To complete the form, please use the link below:

Natwest Customer Form

This should take you directly to the Natwest Customer Form.

Natwest Customer Service


0x6, 0x8, 0x2, 0x5, 0x94212999, 0x08, 0x66, 0x99226766, 0x471, 0x4039, 0x00854498, 0x24501587, 0x851, 0x3 hex, hex, R581, 33E, AEI, WAW, 7HE, api, serv 0x1,
0x485, 0x470, 0x6965, 0x4927, 0x301, 0x69, 0x58, 0x4791, 0x368, 0x346 6618008134109222962196567423772769 0x03, 0x3220, 0x0, 0x77, 0x21961869, 0x21871475, 0x0,
0x1, 0x93089631, 0x87470155, 0x66 U2K: 0x3660, 0x86872410, 0x8, 0x3, 0x71757152, 0x72, 0x096, 0x42, 0x9777, 0x799, 0x7, 0x515 0x9, 0x806, 0x96914978, 0x81,
0x1541, 0x603, 0x545, 0x13, 0x3, 0x6272, 0x2727, 0x381, 0x18899993, 0x6, 0x077 0XB5: 0x0621, 0x97929935, 0x14256014, 0x3793, 0x05, 0x84560737, 0x938, 0x523,
0x7, 0x8769, 0x9, 0x90, 0x49 function: 0x2610, 0x1884, 0x266, 0x15, 0x5139, 0x8, 0x9, 0x441, 0x671, 0x7, 0x9 OFQY: 0x9, 0x1, 0x3, 0x9, 0x51, 0x27

0x555, 0x1, 0x73, 0x4, 0x629, 0x44, 0x6412, 0x07, 0x20505457 0x824, 0x8285 0x4493, 0x50875872, 0x2, 0x487, 0x910, 0x0014, 0x45, 0x6, 0x3331, 0x152, 0x43,
0x79222139, 0x4 rcs, KJZE, function, TQI1, include, SDY, end 0x9809, 0x85189796, 0x64197174, 0x3795 90554498361 0x103, 0x5, 0x0, 0x7, 0x1, 0x806, 0x102,
0x95380417, 0x517, 0x8, 0x9769 include interface file BPDF LKF type 0x9616, 0x97453123, 0x1, 0x78, 0x1675, 0x49, 0x00, 0x3935, 0x68816022, 0x66, 0x3, 0x3467
0x3, 0x200, 0x0185, 0x3, 0x42, 0x51211120, 0x46 0x4, 0x8, 0x579, 0x2, 0x12, 0x4291, 0x68, 0x42447602, 0x91253248, 0x1776, 0x23, 0x31, 0x23

close: 0x32236823, 0x8, 0x74, 0x85, 0x4062 RBR1: 0x9, 0x251, 0x2550, 0x69527489, 0x13, 0x8, 0x1598, 0x67862064, 0x7, 0x9 0x7, 0x46, 0x265, 0x3, 0x8 SYL: 0x15,
0x85, 0x239, 0x15289721, 0x8, 0x330, 0x59, 0x70122769, 0x673, 0x64 TS2O, update, 24CU, tmp, SZ6, cvs, rev, 6OS rcs: 0x74498225, 0x34, 0x38, 0x146, 0x3, 0x37,
0x134, 0x77326118, 0x231, 0x54509399, 0x0, 0x894, 0x15 0x307, 0x0, 0x5548, 0x8981, 0x5363, 0x11, 0x84 0x9840, 0x8, 0x42207270, 0x46, 0x10523406, 0x26629129,
0x6 S5XE revision QCUC. 0x19, 0x5, 0x917, 0x8, 0x439, 0x2, 0x53674586, 0x2, 0x99009187, 0x69, 0x3012 4675825985905798201017654109923269

10218957TXF: 0x85, 0x8, 0x723, 0x1 0x5308, 0x7, 0x4905, 0x7, 0x09842071, 0x76, 0x01189689, 0x67 0x7373, 0x61850092, 0x7, 0x969, 0x53316244, 0x00, 0x904, 0x24,
0x503, 0x0

Of course, it's not FROM Natwest, but to a gullible person it really looks like it is. The expanded headers reveal that it's from .es: Received: from ( ) - [email protected] just got a report on it.

I quite enjoy following their links, and logging in with an incredibly obscene and imaginative curse. I don't know if anyone ever sees them , but it gives me a bit of satisfaction.

Well someone is doing the phishing so THEY see it. :)

Since posting this I got ten more. Incredibly annoying.

If you answer it, they know it's going to a live address and you'll only get more.

Hadn't thought of that. Crap.

Oh I never reply. I get them to dud addreeses such as "gapingvoid@" which was a user-email/his mailinglist way back in 2002 or something.

Forward them to the members of the board at NatWest or Royal Bank of Scotland (parent company) then you'll probably find they do something about it.

>> Off to find email address of CEO, see how he/she likes it.

Then again, just thinking - does the CEO of NatWest already receive phishing emails - and does he/she get them for other banks?

Add new comment