Phishing Scams - How To Tell The Real From The Dud

There's a report in today's Today about OCBC Bank and Citibank customers getting phished. So here's the deal, how do you tell if an e-mail from your "bank" is for real or is a "phish." I'm a Citibank customer and honestly, for the longest time, I thought that their e-mails to me were fakes. Citibank.2926285.67765.0@kc.ap.citibank.com - that's the e-mail address of the "sender." It turns out that it's the real thing but you know, when I see a weird looking e-mail address like that which is obviously MACHINE GENERATED and not belonging to a REAL USER, my first reaction is to delete the e-mail immediately.

So here's the thing - I think the banks need to take a greater responsibility in preventing phishing, and the first thing they should do is to STOP sending all their e-mail marketing stuff to us. Why? Because if they don't send it, then when we do get a phish mail, our suspicions are up immediately. If they send their e-marketing stuff all the time, then the chances are higher that someone will be phished because he would expect e-mails from his bank.

Phishers are targetting almost exclusively bank customers. It's time for the banks here to take a more proactive role in stopping this. And for God's sake, please get a REAL person to send your e-mails, if you must!!