Phishing Email

I’m a fiery and short tempered person in nature, and it doesn’t take much to anger me or annoy me. As of late, I’ve been receiving an email that I suspect a ‘phishing email’. For those who are not really familiar with the term ‘phishing’, phishing an act of sending an email to a user and falsely claiming to be an established legitimate enterprise or organization in an attempt to scam the user into surrendering private information that will be used for identity theft.

The email will usually directs the user to visit a website where they are asked to update personal information, such as passwords,credit card codes, id number, and bank account numbers that the legitimate organization already have in their database. The website, however, is bogus and set up only to steal the user’s information.

The recent email that irritates me to no end lately is an email claimed to be sent on the behalf of CIMB Bank, Malaysia. So, after receiving the same email a few times, I’ve decided to report it to CIMB Bank for further investigation. I’d like to share the phishing email with my dear readers as a forewarning. Do not fall for the email below.

Dear CIMB Bank customer,

We are hereby notifying you that we’ve recently suffered a DDos-Attack on one of our’s Internet Banking server. For security reasons you must complete the next steps to verify the integrity of your CIMBClicks account. If you fail to complete the verification in the next 24 hours your account will be suspended.

Here’s how to get started:

1. Log in to CIMBClicks online account (click here).

2. You must request for TAC online via CIMBClicks – your TAC will be sent via SMS to the mobile phone number you registered at the ATM.
( you can find the “request TAC” button in the left menu of your account )

3. Logout from your account and close the browser.

4. When you have received the TAC (Transaction Authorization Code) on your mobile phone, Log in to our secured verification server and submit the requested information(Account user ID, password and TAC).CLICK HERE to go on our secured server.

5. Please allow 48 hours for processing.

Please comply and thanks for understanding.
© 2008 CIMB Bank

Note: Please do not reply to this email.
This mailbox is not monitored and you will not receive a response.

I’ve forwarded the email to CIMB Bank for further investigation, and was pleased to note that I receive a reply that’s less than 24hours. Here I’d like to extend my gratitude to CIMB for their efficient PR service. (Which is so unlike the bloody McD. Til tis very second, I still haven’t get any feedback from them)

Below is the content of my short notice to CIMB Bank:

I’ve received this suspicious email. I don’t even have a CIMB account, how is it possible that your bank would request me to verify the integrity of my account? Please alert your clients about this phishing email. This is the third time I received the same email.



This is what CIMB Bank personnel, Ain, wrote to me, confirming that it’s indeed a phishing email. So I thought, I’d warn you guys about the phishing email. Don’t fall for it, okay?

Dear Sir/Madam,

Thank you for reporting to us on the matter.

We wish to inform you that the e-mail is NOT from us. This is a phishing email as the contents are absolutely not related to our bank, CIMB Bank Berhad.

Please to be informed that this message or email can be safely ignored and discarded

For further information this e-mail would be sent to thousands or maybe millions of users. Recipients are not necessarily being CIMB Customers. Fraudsters are merely holding on to lady luck to get responses from CIMB Bank customers. That is the reason most phishing emails carries a very generic greeting (example: Dear CIMB Bank Customer). Meaning there are probabilities a non CIMB customer will receive these sorts of emails.

Regards and have a pleasant day.


Cleffairy: Do take note that banks do not usually ask you to verify your pin number or password via emails or phone. So please do not fall for such tricks, for the consequences could be fatal.

PS: Dear readers, please feel free to copy/paste phishing email, apart from the one above and share it with the rest of us here. Feel free to share your ‘phishing’ experience here too, be it via emails or the ones via phone calls. 😀


  1. cleffairy says:

    Yeah… no kidding wan. A lot, sometimes even receive phonecalls from those so called credit cards company asking for dunno wud verification. But of course, I immediately know it’s just a phishing call, cuz I dun even have a credit card to even begin with. LMAO… every time I receive such calls, this is what I always answer:

    “Bloody hell, I dun even own a freaking credit card! WTF are you talking about? Go scam some other idiots, you fool!”

    =.= okay… that was not exactly a polite thing to do, but I think my acts were justified, cuz they are cheating!

  2. Kellaw says:

    Did you read the news that when your money is conned, they cant do a shit? Good PR doesn’t help those unfortunate ones. That’s why when I get this kind of things, i dont give a glance. just delete. lol.

  3. cleffairy says:

    Kellaw, of course they can’t do a shit about the idiosyncrasies. Who ask those people not to think before they act of believe such things in the first place? Anyway, PR personnel’s job is only to attend to the customer’s questions, etc etc, but it’s the techies department that’s supposed to handle such matters. Like my complaints to McD… the PR personnel is supposed to gv me feedback on my questions and complaints, but it’s the management that’s supposed to deliver changes. PR personnels are just middle man in most cases. That’s their job, nothing more than that. But this is Malaysia, management are sucks most of the times.

    I dun delete this kind phishing emails…I usually would forward it to the organization in questions, get their verification that it’s phishing, den attach the bloody reply in my email and forward it to people that I know so that they wun fall for it, just in case.

  4. suituapui says:

    Just delete ALL emails from people you do not know. If it’s important, they’ll get in touch with you soon enough. They used to do that kind of scam by phone!!! I also will refuse calls from strangers (unless house phone, dunno who’s calling…so have to answer!).

  5. cleffairy says:

    =.= my line of work cannot delete all emails from unknown senders… ahahaha…but even though I dun delete all emails from unknown senders…I’m sure as hell I wun answer any phonecalls from unknown numbers to my cellphone… kacau nia. Unless it’s private number… ahaha, cuz dunno who is calling, and afraid it’s from office. =.=

  6. Pingback: 354
  7. ecam says:

    I have trouble with CIMB regarding their CPP business partner and went to complain. Their CSD should be applauded for getting back to me unlike CPP which totally ignore me. The only thing that I fumed about is that CIMB released my credit card detail to CPP without my consent and allow CPP to charge my card. Luckily I checked my statement every month and hound them both using Bank Negara which at last CPP relent and return my money back.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.