Phishers wanted to pick up login details through replica site.
Scammers attempted to con Halifax customers out of their login details by claiming the bank’s website was due to be updated, according to the security vendor Malwarebytes.
Victims were allegedly sent an email asking them to confirm their account to avoid "loss of messages, files [and] contacts" and being locked out of the service, but the webpage linked to was actually a phishing page.
Christopher Boyd, malware intelligence analyst at Malwarebytes, said: "We can’t give a rundown of all the data the phishers were looking for due to the site being taken down speedily, but as per this Phishtank page they wanted usernames and passwords at a bare minimum.
"If you’ve been caught out by this particular mail you should contact your bank as soon as possible. The above phish may be offline, but the promise of somewhat extravagant website redesigns used as bait in other emails remains."
The scammers had clearly taken some time to construct a plausible phishing site, which was indistinguishable from the official Halifax page, according to screenshots from Phishtank.
Boyd also noted that the scheme followed a similar Halifax-related phishing campaign from a few months back, which focused on a database update.
He added: "What is it with scammers and Halifax product and service updates?"