The UK's Halifax has been forced to temporarily close its online banking service after its customers were sent spam e-mails asking them to reveal security details on a bogus Web site.
According to press reports, a spokesperson for the Halifax says the bank doesn't know how many people received the e-mails but customers would be compensated for any losses.
The scam, called 'phishing' which uses spam e-mail to direct users to fake Web sites in order to dupe them into giving over personal financial data.
Halifax is the fifth major UK bank to be hit with a phishing scam this month. Both Barclays and LloydsTSB have been targeted, and some NatWest customers received a similar spam e-mail last Friday. Nationwide was also targeted just after midnight on Monday morning. The UK building society has warned customers to be extra-vigilant in a security alert posted on its Web site.
Last week the British Bankers' Association (BBA), Apacs and the UK's National Hi-Tech Crime Unit (NHTCU) warned against a two-tiered e-mail scam that has emerged in the UK over the past two months.
The first part of the scam involves e-mails being sent to consumers claiming to be from banks, asking them to re-activate their accounts at a replica bank Web site.
Customers are then persuaded to accept deposits into their online accounts which they then forward to a third party, minus a transaction fee which the customer keeps. But once the transactions are completed, the inital deposit is cancelled, resulting in the customer forwarding their own money.
For example, if £5,000 is received into an account, £4,500 is forwared by the customer. The initial transaction (£5,000) is then cancelled, resulting in the customer sending £4,500 of their own funds.