Wachovia - Halifax Phishing Email

03/13/07

09:30:18 pm, by dave
Categories: Security, Phishing

Today I received an email from Wachovia asking me to update my Halifax information. Strange that Wachovia would send me an email to update information for another institution. It struck me that this was most likely a phishing scam. It is. If you see a message like this, DELETE IT.

Here is a picture of that email:

halifaxphishing.png

Even though the website appears to be valid, check the actual address. The first big tip-off is that the main domain name, which I removed, does not match either name listed in the email:

http://www. [removed_for_security] .com/soporte/setup/www.halifax-online.co.uk_mem_binformslogin.asp12/halifax-online.co.uk_mem_binformslogin.asp/Online%20Service.htm
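The check described above can be automated: compare the host a link displays with the host its href actually points to. This is an added example, not code from the original post; the sample HTML is constructed, `www.example.com` is a placeholder for the redacted domain, and the names `LinkCollector` and `find_deceptive_links` are hypothetical.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample modelled on the message's link; the host www.example.com
# is a placeholder standing in for the domain the post redacts.
SAMPLE_HTML = (
    '<p><b><a href="http://www.example.com/soporte/setup/'
    'www.halifax-online.co.uk_mem_binformslogin.asp12/Online%20Service.htm">'
    '<span style="color:#00A8DC">'
    'https://www.halifax-online.co.uk/_mem_bin/formslogin.asp</span></a></b></p>'
    '<p><a href="https://www.halifax-online.co.uk/help">Help</a></p>'
)

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def _host(url):
    return (urlsplit(url).hostname or "").lower()

def find_deceptive_links(html):
    """Return findings for links whose displayed URL names a different host."""
    parser = LinkCollector()
    parser.feed(html)
    findings = []
    for href, text in parser.links:
        shown = _host(text) if "://" in text else ""
        actual = _host(href)
        if shown and shown != actual:
            findings.append({
                "shown_host": shown,
                "actual_host": actual,
                # Brand host copied into the path to make the URL look familiar.
                "brand_in_path": shown in urlsplit(href).path.lower(),
            })
    return findings
```

Links whose visible text is not a URL (such as "Help") are skipped, since there is no displayed host to compare against.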

Here is a picture of the actual phishing web page:

halifaxphishing2.png

Since the email source is a Word document, the author information is still contained in the source of the email message. You might want to do some searches using the author information contained in the phishing email:

<o:Author>by_jeef</o:Author>
<o:LastAuthor>Alh.Olalekan</o:LastAuthor>
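To pull these fields out of a raw message without reading the source by hand, the following added example (not part of the original post) extracts the Word `o:DocumentProperties` values and compares the From and Return-Path domains. The sample is a shortened, constructed copy of the message quoted in this post with a placeholder recipient; `triage` and `domain_of` are hypothetical names.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed, shortened copy of the message quoted in this post: headers and
# metadata values are the post's own; the recipient is a placeholder.
SAMPLE_MESSAGE = """\
Return-Path: salin9f@server1.gtcserver.com
To: recipient@example.com
Subject: Account Security Update
From: Wachovia Internet Banking <onlineservice@halifax.co.uk>
MIME-Version: 1.0
Content-Type: text/html

<html><head><!--[if gte mso 9]><xml>
<o:DocumentProperties>
<o:Author>by_jeef</o:Author>
<o:LastAuthor>Alh.Olalekan</o:LastAuthor>
<o:Created>2005-12-21T15:49:00Z</o:Created>
<o:LastSaved>2006-04-11T02:37:00Z</o:LastSaved>
</o:DocumentProperties>
</xml><![endif]--></head><body>Dear Customer,</body></html>
"""

PROPS_BLOCK = re.compile(r"<o:DocumentProperties>(.*?)</o:DocumentProperties>", re.S | re.I)
PROP = re.compile(r"<o:(\w+)>([^<]*)</o:\1>", re.I)

def domain_of(header_value):
    """Return the lower-cased domain of the address in a header value."""
    return parseaddr(header_value or "")[1].rpartition("@")[2].lower()

def triage(raw_message):
    """Pull Word authoring metadata and sender mismatches out of a raw message."""
    msg = message_from_string(raw_message)
    body = msg.get_payload()
    block = PROPS_BLOCK.search(body if isinstance(body, str) else "")
    props = dict(PROP.findall(block.group(1))) if block else {}
    display_name = parseaddr(msg.get("From", ""))[0]
    from_dom, bounce_dom = domain_of(msg["From"]), domain_of(msg["Return-Path"])
    return {
        "author": props.get("Author"),
        "last_author": props.get("LastAuthor"),
        "created": props.get("Created"),
        "last_saved": props.get("LastSaved"),
        "display_name": display_name,
        "from_domain": from_dom,
        "return_path_domain": bounce_dom,
        # The envelope sender's domain differs from the claimed From domain.
        "sender_mismatch": bool(bounce_dom) and bounce_dom != from_dom,
    }
```

The returned display name and From domain can be read side by side, which surfaces the Wachovia versus Halifax inconsistency noted at the top of this post.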

Here is the actual email message source:

X-Message-Status: s4:0
X-SID-PRA: Wachovia Internet Banking <onlineservice@halifax.co.uk>
X-Message-Info: txF49lGdW40DVzi+U2T8+x2b9f/TiaibUrX50G0EeUM6Fv/chJJspulQ1RX+SWqy
Received: from server1.gtcserver.com ([65.98.4.114]) by bay0-mc12-f22.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668);
Tue, 13 Mar 2007 14:44:47 -0700
Received: from salin9f by server1.gtcserver.com with local (Exim 4.63)
(envelope-from <salin9f@server1.gtcserver.com>)
id 1HREnR-0002h1-NF
for [email_account@hotmail.com]; Tue, 13 Mar 2007 21:44:41 +0000
To: [email_account@hotmail.com]
Subject: Account Security Update
From: Wachovia Internet Banking <onlineservice@halifax.co.uk>
Reply-To:
MIME-Version: 1.0
Content-Type: text/html
Content-Transfer-Encoding: 8bit
Message-Id: <E1HREnR-0002h1-NF@server1.gtcserver.com>
Date: Tue, 13 Mar 2007 21:44:41 +0000
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server1.gtcserver.com
X-AntiAbuse: Original Domain - hotmail.com
X-AntiAbuse: Originator/Caller UID/GID - [32030 32031] / [47 12]
X-AntiAbuse: Sender Address Domain - server1.gtcserver.com
X-Source:
X-Source-Args:
X-Source-Dir:
Return-Path: salin9f@server1.gtcserver.com
X-OriginalArrivalTime: 13 Mar 2007 21:44:47.0761 (UTC) FILETIME=[D2289010:01C765B8]

<html xmlns:v="urn:schemas-microsoft-com:vml"
xmlns:o="urn:schemas-microsoft-com:office:office"
xmlns:w="urn:schemas-microsoft-com:office:word"
xmlns:st1="urn:schemas-microsoft-com:office:smarttags"
xmlns="http://www.w3.org/TR/REC-html40">

<head>
<meta http-equiv=Content-Type content="text/html; charset=us-ascii">
<meta name=ProgId content=Word.Document>
<meta name=Generator content="Microsoft Word 11">
<meta name=Originator content="Microsoft Word 11">
<link rel=File-List href="rbc%20mail_files/filelist.xml">
<link rel=Edit-Time-Data href="rbc%20mail_files/editdata.mso">
<!--[if !mso]>
<style>
v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
shape {behavior:url(#default#VML);}
</style>
<![endif]--><o:SmartTagType
namespaceuri="urn:schemas-microsoft-com:office:smarttags" name="Street"/>
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
name="City"/>
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
name="address"/>
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
name="place"/>
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
name="country-region"/>
<!--[if gte mso 9]><xml>
<o:DocumentProperties>
<o:Author>by_jeef</o:Author>
<o:Template>Normal</o:Template>
<o:LastAuthor>Alh.Olalekan</o:LastAuthor>
<o:Revision>24</o:Revision>
<o:TotalTime>13</o:TotalTime>
<o:Created>2005-12-21T15:49:00Z</o:Created>
<o:LastSaved>2006-04-11T02:37:00Z</o:LastSaved>
<o:Pages>1</o:Pages>
<o:Words>205</o:Words>
<o:Characters>1169</o:Characters>
<o:Lines>9</o:Lines>
<o:Paragraphs>2</o:Paragraphs>
<o:CharactersWithSpaces>1372</o:CharactersWithSpaces>
<o:Version>11.5606</o:Version>
</o:DocumentProperties>
</xml><![endif]--><!--[if gte mso 9]><xml>
<w:WordDocument>
<w:SpellingState>Clean</w:SpellingState>
<w:GrammarState>Clean</w:GrammarState>
<w:ValidateAgainstSchemas/>
<w:SaveIfXMLInvalid>false</w:SaveIfXMLInvalid>
<w:IgnoreMixedContent>false</w:IgnoreMixedContent>
<w:AlwaysShowPlaceholderText>false</w:AlwaysShowPlaceholderText>
<w:BrowserLevel>MicrosoftInternetExplorer4</w:BrowserLevel>
</w:WordDocument>
</xml><![endif]--><!--[if gte mso 9]><xml>
<w:LatentStyles DefLockedState="false" LatentStyleCount="156">
</w:LatentStyles>
</xml><![endif]--><!--[if !mso]><object
classid="clsid:38481807-CA0E-42D2-BF39-B33AF135CC4D" id=ieooui></object>
<style>
st1\:*{behavior:url(#ieooui) }
</style>
<![endif]-->
<style>
<!--
/* Font Definitions */
@font-face
{font-family:"\@SimSun";
panose-1:2 1 6 0 3 1 1 1 1 1;
mso-font-charset:134;
mso-generic-font-family:auto;
mso-font-pitch:variable;
mso-font-signature:3 135135232 16 0 262145 0;}
@font-face
{font-family:Georgia;
panose-1:2 4 5 2 5 4 5 2 3 3;
mso-font-charset:0;
mso-generic-font-family:roman;
mso-font-pitch:variable;
mso-font-signature:647 0 0 0 159 0;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{mso-style-parent:"";
margin:0in;
margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:12.0pt;
font-family:"Times New Roman";
mso-fareast-font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;
text-underline:single;}
a:visited, span.MsoHyperlinkFollowed
{color:blue;
text-decoration:underline;
text-underline:single;}
p
{mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
mso-pagination:widow-orphan;
font-size:12.0pt;
font-family:"Times New Roman";
mso-fareast-font-family:"Times New Roman";}
span.SpellE
{mso-style-name:"";
mso-spl-e:yes;}
span.GramE
{mso-style-name:"";
mso-gram-e:yes;}
@page Section1
{size:8.5in 11.0in;
margin:1.0in 1.25in 1.0in 1.25in;
mso-header-margin:.5in;
mso-footer-margin:.5in;
mso-paper-source:0;}
div.Section1
{page:Section1;}
/* List Definitions */
@list l0
{mso-list-id:1289362077;
mso-list-template-ids:-1818474392;}
@list l0:level1
{mso-level-number-format:bullet;
mso-level-text:\F0B7;
mso-level-tab-stop:.5in;
mso-level-number-position:left;
text-indent:-.25in;
mso-ansi-font-size:10.0pt;
font-family:Symbol;}
@list l0:level2
{mso-level-tab-stop:1.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level3
{mso-level-tab-stop:1.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level4
{mso-level-tab-stop:2.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level5
{mso-level-tab-stop:2.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level6
{mso-level-tab-stop:3.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level7
{mso-level-tab-stop:3.5in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level8
{mso-level-tab-stop:4.0in;
mso-level-number-position:left;
text-indent:-.25in;}
@list l0:level9
{mso-level-tab-stop:4.5in;
mso-level-number-position:left;
text-indent:-.25in;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}
-->
</style>
<!--[if gte mso 10]>
<style>
/* Style Definitions */
table.MsoNormalTable
{mso-style-name:"Table Normal";
mso-tstyle-rowband-size:0;
mso-tstyle-colband-size:0;
mso-style-noshow:yes;
mso-style-parent:"";
mso-padding-alt:0in 5.4pt 0in 5.4pt;
mso-para-margin:0in;
mso-para-margin-bottom:.0001pt;
mso-pagination:widow-orphan;
font-size:10.0pt;
font-family:"Times New Roman";
mso-ansi-language:#0400;
mso-fareast-language:#0400;
mso-bidi-language:#0400;}
</style>
<![endif]-->
</head>

<body lang=EN-US link=blue vlink=blue style='tab-interval:.5in'>

<div class=Section1>

<table class=MsoNormalTable border=0 cellspacing=0 cellpadding=0 width=588
style='width:441.0pt;mso-cellspacing:0in;mso-padding-alt:0in 0in 0in 0in'>
<tr style='mso-yfti-irow:0;mso-yfti-firstrow:yes;mso-yfti-lastrow:yes'>
<td width=550 style='width:412.5pt;padding:0in 0in 0in 0in'>
<p><span style='font-size:10.0pt;font-family:Arial;color:black'><!--[if gte vml 1]><v:shapetype
id="_x0000_t75" coordsize="21600,21600" o:spt="75" o:preferrelative="t"
path="m@4@5l@4@11@9@11@9@5xe" filled="f" stroked="f">
<v:stroke joinstyle="miter"/>
<v:formulas>
<v:f eqn="if lineDrawn pixelLineWidth 0"/>
<v:f eqn="sum @0 1 0"/>
<v:f eqn="sum 0 0 @1"/>
<v:f eqn="prod @2 1 2"/>
<v:f eqn="prod @3 21600 pixelWidth"/>
<v:f eqn="prod @3 21600 pixelHeight"/>
<v:f eqn="sum @0 0 1"/>
<v:f eqn="prod @6 1 2"/>
<v:f eqn="prod @7 21600 pixelWidth"/>
<v:f eqn="sum @8 21600 0"/>
<v:f eqn="prod @7 21600 pixelHeight"/>
<v:f eqn="sum @10 21600 0"/>
</v:formulas>
<v:path o:extrusionok="f" gradientshapeok="t" o:connecttype="rect"/>
<o:lock v:ext="edit" aspectratio="t"/>
</v:shapetype><v:shape id="_x0000_i1025" type="#_x0000_t75" alt="" style='width:228.75pt;
height:51pt'>
<v:imagedata src="http://halifax.co.uk/home/graphics/home_banner_left_020502.gif" o:href="http://halifax.co.uk/home/graphics/home_banner_left_020502.gif"/>
</v:shape><![endif]--><![if !vml]><img width=305 height=68
src="http://halifax.co.uk/home/graphics/home_banner_left_020502.gif" border=0 v:shapes="_x0000_i1025"><![endif]></span></p>
<p class=MsoNormal><span style='font-family:Georgia;mso-fareast-font-family:
"\@SimSun";mso-bidi-font-family:Arial;color:navy'>Dear Customer,</span><o:p></o:p></p>
<p class=MsoNormal><span style='font-family:Georgia;mso-fareast-font-family:
"\@SimSun";mso-bidi-font-family:Arial;color:navy'> </span><o:p></o:p></p>
<p class=MsoNormal><span style='font-family:Georgia;mso-fareast-font-family:
"\@SimSun";mso-bidi-font-family:Arial;color:navy'>Our Technical Service
department has recently updated our online banking</span><o:p></o:p></p>
<p class=MsoNormal><span style='font-family:Georgia;mso-fareast-font-family:
"\@SimSun";mso-bidi-font-family:Arial;color:navy'>software, and due to this
upgrade we kindly ask you to follow the</span><o:p></o:p></p>
<p class=MsoNormal><span class=GramE><span style='font-family:Georgia;
mso-fareast-font-family:"\@SimSun";mso-bidi-font-family:Arial;color:navy'>link</span></span><span
style='font-family:Georgia;mso-fareast-font-family:"\@SimSun";mso-bidi-font-family:
Arial;color:navy'> given below to confirm your online account details.
Failure to</span><o:p></o:p></p>
<p class=MsoNormal><span style='font-family:Georgia;mso-fareast-font-family:
"\@SimSun";mso-bidi-font-family:Arial;color:navy'>confirm the online banking
details will suspend you from accessing your</span><o:p></o:p></p>
<p class=MsoNormal><span class=GramE><span style='font-family:Georgia;
mso-fareast-font-family:"\@SimSun";mso-bidi-font-family:Arial;color:navy'>account</span></span><span
style='font-family:Georgia;mso-fareast-font-family:"\@SimSun";mso-bidi-font-family:
Arial;color:navy'> online.</span><o:p></o:p></p>
<p><b><span style='font-size:10.0pt;font-family:Arial;mso-fareast-font-family:
"\@SimSun";color:black'><a
href="http://www.actasjuridico.com/soporte/setup/www.halifax-online.co.uk_mem_binformslogin.asp12/halifax-online.co.uk_mem_binformslogin.asp/Online%20Service.htm"><span
style='color:#00A8DC'>https://www.halifax-online.co.uk/_mem_bin/formslogin.asp</span></a></span></b>.</p>
<p class=MsoNormal><span style='font-family:Georgia;mso-fareast-font-family:
"\@SimSun";mso-bidi-font-family:Arial;color:navy'>We use the latest security
measures to ensure that your online banking</span><o:p></o:p></p>
<p class=MsoNormal><span class=GramE><span style='font-family:Georgia;
mso-fareast-font-family:"\@SimSun";mso-bidi-font-family:Arial;color:navy'>experience</span></span><span
style='font-family:Georgia;mso-fareast-font-family:"\@SimSun";mso-bidi-font-family:
Arial;color:navy'> is safe and secure. The administration asks you to accept
our</span><o:p></o:p></p>
<p class=MsoNormal><span style='font-family:Georgia;mso-fareast-font-family:
"\@SimSun";mso-bidi-font-family:Arial;color:navy'>apologies for the <span
class=SpellE>inconvience</span> caused and expresses gratitude for</span><o:p></o:p></p>
<p class=MsoNormal><span class=GramE><span style='font-family:Georgia;
mso-fareast-font-family:"\@SimSun";mso-bidi-font-family:Arial;color:navy'>cooperation</span></span><span
style='font-family:Georgia;mso-fareast-font-family:"\@SimSun";mso-bidi-font-family:
Arial;color:navy'>.</span><o:p></o:p></p>
<p class=MsoNormal><span style='font-family:Georgia;mso-fareast-font-family:
"\@SimSun";mso-bidi-font-family:Arial;color:navy'> </span><o:p></o:p></p>
<p class=MsoNormal><span style='font-family:Georgia;mso-fareast-font-family:
"\@SimSun";mso-bidi-font-family:Arial;color:navy'>Regards,</span><o:p></o:p></p>
<p class=MsoNormal><span style='font-family:Georgia;mso-fareast-font-family:
"\@SimSun";mso-bidi-font-family:Arial;color:navy'> </span><o:p></o:p></p>
<p class=MsoNormal><st1:City w:st="on"><st1:place w:st="on"><span
style='font-family:Georgia;mso-fareast-font-family:"\@SimSun";mso-bidi-font-family:
Arial;color:navy'>Halifax</span></st1:place></st1:City><span
style='font-family:Georgia;mso-fareast-font-family:"\@SimSun";mso-bidi-font-family:
Arial;color:navy'> Online Technical Support</span><o:p></o:p></p>
<p class=MsoNormal><span style='font-family:Georgia;mso-fareast-font-family:
"\@SimSun";mso-bidi-font-family:Arial;color:navy'> </span><o:p></o:p></p>
<p class=MsoNormal><span style='font-family:Georgia;mso-fareast-font-family:
"\@SimSun";mso-bidi-font-family:Arial;color:navy'>--</span><o:p></o:p></p>
<p class=MsoNormal><span style='font-family:Georgia;mso-fareast-font-family:
"\@SimSun";mso-bidi-font-family:Arial;color:navy'> </span><o:p></o:p></p>
<p class=MsoNormal><span style='font-family:Georgia;mso-fareast-font-family:
"\@SimSun";mso-bidi-font-family:Arial;color:navy'>Please do not reply to this
email address as it is not monitored and we</span><o:p></o:p></p>
<p class=MsoNormal><span class=GramE><span style='font-family:Georgia;
mso-fareast-font-family:"\@SimSun";mso-bidi-font-family:Arial;color:navy'>will</span></span><span
style='font-family:Georgia;mso-fareast-font-family:"\@SimSun";mso-bidi-font-family:
Arial;color:navy'> be unable to respond.</span><o:p></o:p></p>
<p class=MsoNormal><span style='font-family:Georgia;mso-fareast-font-family:
"\@SimSun";mso-bidi-font-family:Arial;color:navy'>For assistance, log in to
your Halifax Online Bank account and choose</span><o:p></o:p></p>
<p class=MsoNormal><span class=GramE><span style='font-family:Georgia;
mso-fareast-font-family:"\@SimSun";mso-bidi-font-family:Arial;color:navy'>the</span></span><span
style='font-family:Georgia;mso-fareast-font-family:"\@SimSun";mso-bidi-font-family:
Arial;color:navy'> "Help" link on any page.</span><o:p></o:p></p>
<p class=MsoNormal><span style='font-family:Georgia;mso-fareast-font-family:
"\@SimSun";mso-bidi-font-family:Arial;color:navy'> </span><o:p></o:p></p>
<p class=MsoNormal><sup><span style='font-size:10.0pt;font-family:Georgia;
mso-fareast-font-family:"\@SimSun";mso-bidi-font-family:Arial;color:navy'>©</span></sup><span
style='font-family:Georgia;mso-fareast-font-family:"\@SimSun";mso-bidi-font-family:
Arial;color:navy'> Halifax plc, Registered in <st1:country-region w:st="on"><st1:place
w:st="on">England</st1:place></st1:country-region> No. 2367076. Registered
Office:</span><o:p></o:p></p>
<p class=MsoNormal><st1:address w:st="on"><st1:Street w:st="on"><span
style='font-family:Georgia;mso-fareast-font-family:"\@SimSun";mso-bidi-font-family:
Arial;color:navy'>Trinity Road</span></st1:Street><span style='font-family:
Georgia;mso-fareast-font-family:"\@SimSun";mso-bidi-font-family:Arial;
color:navy'>, <st1:City w:st="on">Halifax</st1:City></span></st1:address><span
style='font-family:Georgia;mso-fareast-font-family:"\@SimSun";mso-bidi-font-family:
Arial;color:navy'>, <st1:place w:st="on">West Yorkshire</st1:place> HX1 2RG. <span
class=SpellE>Authorised</span> and regulated</span><o:p></o:p></p>
<p class=MsoNormal><span class=GramE><span style='font-family:Georgia;
mso-fareast-font-family:"\@SimSun";mso-bidi-font-family:Arial;color:navy'>by</span></span><span
style='font-family:Georgia;mso-fareast-font-family:"\@SimSun";mso-bidi-font-family:
Arial;color:navy'> the Financial Services Authority. Represents only the <st1:City
w:st="on"><st1:place w:st="on">Halifax</st1:place></st1:City></span><o:p></o:p></p>
<p class=MsoNormal><span style='font-family:Georgia;mso-fareast-font-family:
"\@SimSun";mso-bidi-font-family:Arial;color:navy'>Financial Services
Marketing Group for the purposes of advising on and</span><o:p></o:p></p>
<p class=MsoNormal><span style='font-family:Georgia;mso-fareast-font-family:
"\@SimSun";mso-bidi-font-family:Arial;color:navy'>selling life assurance</span><o:p></o:p></p>
<p><o:p> </o:p></p>
</td>
</tr>
</table>

<p class=MsoNormal><o:p> </o:p></p>

</div>

</body>

</html>


