I just got one of those emails trying to scam you into giving out PIN numbers and other financial data (never mind that I've never heard of the bank):
===============================
southtrust logo
Dear Southtrust customer,
Please read this message carefully and follow it's instructions.
Southtrust is committed to maintaining a safe environment for its community of customers. To protect the security of your account, Southtrust employs some of the most advanced security systems in the world and our anti-fraud teams regularly screen the Southtrust system for unusual activity.
Recently, our team identified some unusual activity in your account. In accordance with Southtrust User Agreement access to your account will be limited. This is a fraud prevention measure meant to ensure that your account is not compromised.
In order to secure your account we may require some specific information from you. We encourage you to log in by clicking on the link below and complete the requested form as soon as possible.
https://southtrustonlinebanking.com/retail/Login.asp
This e-mail contains information directly related to your account with us, other services you have subscribed, and/or any application you may have submitted.
Sincerely,
Southtrust Security Department.
========================================
Now I noticed when you mouse over the link, it comes back to southtrustaccountverification.com instead of simply an IP address like most scammers use. A WHOIS lookup of the domain name came back to someone, who presumeably, is the not too bright scammer (or maybe all the info he gave is bogus, I don't know):
==================================
Domain Name: southtrustaccountverification.com
Status: ACTIVE
Registrar: YESNIC CO. LTD.
Whois Server: whois.yesnic.com
Referral URL: http://www.yesnic.com
Expiration Date: 2006-05-26
Creation Date: 2005-05-26
Last Update Date: 2005-05-27
Name Servers:
ns7329.southtrustaccountverification.com
ns2017.southtrustaccountverification.com
===============================================================================
-----------------------------------------------
Queried Domain Information as follows
-----------------------------------------------
Domain Name : southtrustaccountverification.com
::Registrant::
Name : Theodore Elston
Email :
Address : 1190 Dundee ave
Zipcode : 95005
Nation : US
Tel : 831-234-4033
Fax :
::Administrative Contact::
Name : Theodore Elston
Email :
Address : 1190 Dundee ave
Zipcode : 95005
Nation : US
Tel : 831-234-4033
Fax :
::Technical Contact::
Name : Theodore Elston
Email :
Address : 1190 Dundee ave
Zipcode : 95005
Nation : US
Tel : 831-234-4033
Fax :
::Name Servers::
ns7329.southtrustaccountverification.com
ns2017.southtrustaccountverification.com
:ates & Status::
Created Date 2005-05-26 12:02:23 EDT
Updated Date 2005-05-26 12:02:23 EDT
Valid Date 2006-05-26 12:02:23 EDT
Status ACTIVE
===============================
southtrust logo
Dear Southtrust customer,
Please read this message carefully and follow it's instructions.
Southtrust is committed to maintaining a safe environment for its community of customers. To protect the security of your account, Southtrust employs some of the most advanced security systems in the world and our anti-fraud teams regularly screen the Southtrust system for unusual activity.
Recently, our team identified some unusual activity in your account. In accordance with Southtrust User Agreement access to your account will be limited. This is a fraud prevention measure meant to ensure that your account is not compromised.
In order to secure your account we may require some specific information from you. We encourage you to log in by clicking on the link below and complete the requested form as soon as possible.
https://southtrustonlinebanking.com/retail/Login.asp
This e-mail contains information directly related to your account with us, other services you have subscribed, and/or any application you may have submitted.
Sincerely,
Southtrust Security Department.
========================================
Now I noticed when you mouse over the link, it comes back to southtrustaccountverification.com instead of simply an IP address like most scammers use. A WHOIS lookup of the domain name came back to someone, who presumeably, is the not too bright scammer (or maybe all the info he gave is bogus, I don't know):
==================================
Domain Name: southtrustaccountverification.com
Status: ACTIVE
Registrar: YESNIC CO. LTD.
Whois Server: whois.yesnic.com
Referral URL: http://www.yesnic.com
Expiration Date: 2006-05-26
Creation Date: 2005-05-26
Last Update Date: 2005-05-27
Name Servers:
ns7329.southtrustaccountverification.com
ns2017.southtrustaccountverification.com
===============================================================================
-----------------------------------------------
Queried Domain Information as follows
-----------------------------------------------
Domain Name : southtrustaccountverification.com
::Registrant::
Name : Theodore Elston
Email :
Address : 1190 Dundee ave
Zipcode : 95005
Nation : US
Tel : 831-234-4033
Fax :
::Administrative Contact::
Name : Theodore Elston
Email :
Address : 1190 Dundee ave
Zipcode : 95005
Nation : US
Tel : 831-234-4033
Fax :
::Technical Contact::
Name : Theodore Elston
Email :
Address : 1190 Dundee ave
Zipcode : 95005
Nation : US
Tel : 831-234-4033
Fax :
::Name Servers::
ns7329.southtrustaccountverification.com
ns2017.southtrustaccountverification.com
:ates & Status::
Created Date 2005-05-26 12:02:23 EDT
Updated Date 2005-05-26 12:02:23 EDT
Valid Date 2006-05-26 12:02:23 EDT
Status ACTIVE