Home » Blog
3rd Sep
Thursday, September 3rd, 2015

The UOB ONE Savings Account, comparison with the OCBC 360 offerings

Posted by Shaun at 8:23 pm under Current Issues, Thoughts | 32646 Reads | 5 Comments

UOB definitely got everyone’s attention with the recent introduction of an elevated interest savings account plan. The UOB ONE Account is a pretty attractive plan on paper with a maximum possible saving interest rate “up to” 3.33%, the highest offered by any bank in Singapore to date. Standard Charted first started this with their bonus saver accounts, which are not as popular as the OCBC 360, which had proven that the best method for banks to rake in massive cash in-flow in the shortest time possible.

UOB had always known for their attractive fixed despots (FDs), but this latest offering will possibly kill off FDs altogether today. The UOB One Account looks to offer two different plans with two fixed maximum interest rates at 2% p.a. and 3.33% p.a., based on your contributions to your savings account (up to $50,000), with the latter beginning the more feasible one. The catch is that you do not get the full 3.33% p.a. interest rate up front from your minimum deposit, but rather only from your $30,001-th dollar. UOB also requires a minimum salary contribution of S$2,000, 3 GIRO deductions and S$500 minimum credit card spend on a UOB One Card- really similar to OCBC 360 offerings.

A quick summary and comparison of both banks offerings and your return of investment from various deposit amounts ($20k-$50k) in the table below:

Plan/Bank
UOB One Account (3.33% tier)
(Min deposit $2000)
OCBC 360
(Min deposit $1000)
   

Annual $ interest earned

  Annual $ interest earned
Constituent item Interest Rates E.g. $20k deposit E.g. $40k deposit E.g. $50k deposit Interest Rate E.g. $20k deposit E.g. $50k deposit
Savings 1st $10k: 1.5%
Next $20k: 2.0%
Next $20k: 3.33%
Above $50k: 0.05% (basic rate)
$150+ $200 $150+ $400+ $333 $150+ $400+ $666 Determined by constituent items
Monthly salary credit (min. S$2,000) 1.2% Up to $60k $240 $600
GIRO credit 0.5% $100 $250
Credit card spend (min $500) 0.5% $100 $250
Save bonus
(e.g. $1000)
NA
NA
NA
NA
1% $10 $10
Total yearly (monthly)
$350.00
($29.17)
$883
($75.58)
$1216.00
($101.33)
$440.00 ($36.67) $1100.00 ($91.67)
Annual ROI
1.75% 2.21% 2.43%
2.20% 2.20%

To grasp a better understanding of the interest rate sensitivity between the two banks offering, when you plot the p.a. interest ROI to savings/deposit (e.g. $10,000 to $100,000), you will notice the OCBC tend to favour small deposits, with near-constant interest rates from the $3,000 minimum amount, while the UOC plan has a linear increasing interest rate peaking at a maximum nominalised value of 2.43% p.a. (and not as the collective “3.3%” as claimed) which is overall higher than OCBC offerings.

UOB OCBC Savings ROI analysis

Once past the $60,000 mark, your money is working much lesser for you, with the ROI from both banks falling drastically below the 2% mark. UOB offerings are on average 0.5% lower than OCBC’s per dollar, as such it is not recommend to leave any amount beyond $60k with UOB.

Assumptions of analysis:

  • Calculated based on a monthly $1,000 savings (for OCBC saving interest), which is representative of an “average savings rate”, though this adds a somewhat negligible 0.01-0.02% p.a. to OCBC p.a rates.
  • Excludes the respective credit cards rebate perks.
  • Excludes additional interest from investment and insurance packages, which is not relevant for most customers on these plans.

With that, I have recommendations from 3 possible scenarios:

  • You have the option to open an account with either bank.
    If you have under $40,000, go for OCBC 360, as the entry interest rate is consistent starting from the minimum deposit sum. At $40,000 deposit, the savings ROI is similar for both banks. However, if wish to obtain the maximum possible interest rate from your savings and have at least $50,000, go for UOB One, you will earn $105 more p.a. (at $50,000) than the OCBC 360.
  • You are currently on OCBC 360.
    Stick to OCBC 360, as the interest rate difference between the two is somewhat too low to be worth the hassle for a switch. (Maximum interest difference is 0.21% or $105 p.a. from $50,000 savings).
  • You have over $100,000 in saving deposits.
    It is recommended to split your pie between both banks which each account not exceeding $60,000 each. If you are currently with OCBC and maxed out your 360 account $60,000 bonus interest cap, opening an alternative account with UOB and putting at least $50,000 will bring you the best of both worlds, topping with a savings ROI of ~4.65% collectively. It is not recommended to leave over $60,000 in either account given opportunity costs of investing it elsewhere (e.g. the Singapore government bonds for instance).

Hope this analysis helps, if you have any queries or doubts of my evaluation methodologies; do feel free to open it for discussion at the comments below.

14th Apr
Tuesday, April 14th, 2015

OCBC 360 account 3.05% interest drop reduction and revisions

Posted by Shaun at 6:48 pm under Current Issues | 3219 Reads | Post Comment

I had always been a fan of OCBC 360 deposit account, and been on their 3.05% interest on savings for almost a year. From my market research, the bank probably offers the best savings interest in the Singapore banking market in terms of savings interest and also meeting my current cash portfolio as a saver so far. In a nutshell, it comprises of 4 main elements, namely a 0.05% base interest on your savings account and an additional 1% interest if you do any of the 3 following: 1) Credit your monthly salary into the account, 2) Pay 3 Bills, 3) Spend $400 on any OCBC plastic. As such, you can effectively earn 3.05%/pa savings interest, but only applicable on the first S$50,000 of your account balance.

I had been in touch with a few representatives from OCBC who got me in on a revision to the interest rates, with effect from May 1st 2015. The following will be in effect:

  • Pay any 3 bills using OCBC Online Banking or GIRO every month for 0.5%/pa extra (down from 1%/pa).
  • Spend at least S$500 on your OCBC Credit Cards every month for 0.5%/pa extra (down from 1%/pa after S$400 spend).
  • Savings base interest remains at 0.05% (Unchanged)
  • Monthly salary deposit bonus interest remains at 1% (Unchanged)

It seems that OCBC had met their fresh fund injection target which was really successful since the 360 account introduction about a year ago, thus the interest reduction. If you satisfy the above elements, you can still earn a base interest of 2.05%/pa on the first S$50,000 (~approx $85/monthly) of your account balance, which is a 33% reduction in monthly bonus interest.

OCBC indicated to make up for the interest reduction, there will be also additional “bolt-ons” to allow you to increase your 360 interest further, but they are unable to announce it as of yet. I am guessing that could range from insurance, investments or installment plans, which will bring the maximum interest, possibly back to the 3% area. If you ask me, it sounds pretty much like a DBS multiplier plan to me now.

OCBC will offer an official press release in due time, possibly around the end of April for the interest to be in effect at the start of May this year.

8th Mar
Monday, March 8th, 2010

Chile, nine days later

Posted by Shaun at 9:20 pm under Current Issues | 1122 Reads | Post Comment
Chile 9days later

It was devastating, nine days after an 8.8-magnitude earthquake killed hundreds of people in south-central Chile, relief efforts were beginning to reach those in need, rescue missions became recovery missions, and rebuilding is already under way. In the days since the February 27th quake, nearly 150 aftershocks have been recorded, including thirteen above magnitude 6.0.

Despite the rush of humanitarian aid to all affected areas, the government has been criticized by Chileans, who say the response was slow and inefficient. One recent government action was to grant a short amnesty to looters before sending troops out in search of stolen goods. Nearly $2 million worth of looted items were returned, often dumped on roadsides, by Sunday.

Collected here are photographs from the past week in quake-affected Chile.

Credit – Boston.com, Read more: Chile, nine days later

3rd Dec
Thursday, December 3rd, 2009

Borders UK to wind up business

Posted by Shaun at 12:46 am under Current Issues | 1271 Reads | Post Comment
Borders UK closing down

Word of good buys can go a far way, well despite the financial situation of the store actually offering the bargains. Borders UK and it’s current owners and joint administrators are currently working with the company’s management in order to attempt to sell the business as a going concern. Much of Border’s UK operations are winding down as well, and they are no longer accepting orders and transactions through its website. All stores are still open with sales up to 30% all books whilst the financial position of the Company is currently being assessed.

Borders (UK) Limited has 45 stores, 36 trading as Borders and 9 as Books Etc across the UK. They always have this typical trademark style in their stores which I always adore- a humongous store layout with all books unwrapped for browsing, just like a library with lots of browsing/seating areas often with a cafe always nearby. “Borrowing” a book home, well means of course involves purchasing it, but hey there are no due dates right?

It is just sad that they have to go, it will leave a big hole in the retail scene particularly in the small city of Cambridge. Since my visit to the store yesterday, apparently business is real good with about a third of the books already wiped out from the store. Had a chat there with the staff who were really grateful to the mass of people expressing concern on the financial situation of the company. They are all as lost in the state of things now with hope of finding a buyer for the chain of store and saving the franchise here. There is no word of the financial state of Borders in the US or back home in Singapore, but I think the situation is not as bleak as it is here, well or that I know of from home?

27th Mar
Friday, March 27th, 2009

Remember to flick the switch on earth day, tomorrow

Posted by Shaun at 5:54 pm under Current Issues | 3534 Reads | 1 Comment

Vote Earth! On Saturday 28 March 2009 8:30PM local time, wherever you live on planet earth, your light switch is your vote to climate change.

Vote Earth Switch Shepard Fairey

This year, Earth Hour has been transformed into the world’s first global election, between Earth and global warming.

For the first time in history, people of all ages, nationalities, race and background have the opportunity to use their light switch as their vote – Switching off your lights is a vote for Earth, or leaving them on is a vote for global warming. WWF are urging the world to VOTE EARTH and reach the target of 1 billion votes, which will be presented to world leaders at the Global Climate Change Conference in Copenhagen 2009.

This meeting will determine official government policies to take action against global warming, which will replace the Kyoto Protocol. It is the chance for the people of the world to make their voice heard.

Earth Hour began in Sydney in 2007, when 2.2 million homes and businesses switched off their lights for one hour. In 2008 the message had grown into a global sustainability movement, with 50 million people switching off their lights. Global landmarks such as the Golden Gate Bridge in San Francisco, Rome’s Colosseum, the Sydney Opera House and the Coca Cola billboard in Times Square all stood in darkness.

In 2009, Earth Hour is being taken to the next level, with the goal of 1 billion people switching off their lights as part of a global vote. Unlike any election in history, it is not about what country you’re from, but instead, what planet you’re from. VOTE EARTH is a global call to action for every individual, every business, and every community. A call to stand up and take control over the future of our planet. Over 74 countries and territories have pledged their support to VOTE EARTH during Earth Hour 2009, and this number is growing everyday.

We all have a vote, and every single vote counts. Together we can take control of the future of our planet, for future generations.

VOTE EARTH by simply switching off your lights for one hour, and join the world for Earth Hour. Saturday, March 28, 8:30-9:30pm.

22nd Mar
Sunday, March 22nd, 2009

Networking site restraints and blogging compel-lance

Posted by Shaun at 9:07 pm under Current Issues | 4322 Reads | Post Comment

It had been sometime since I last wrote an entry in here. I am starting to think that maybe Facebook or Twitter may be taking over the possible hassle of blogs. But I do not think we will see the death of the blog, particularly this one as well. You may see me more relatively active on Facebook now, as I personally find it quite a neat way to keep in touch with your friends on the masses when abroad or those who do not read my blog without the need of personal emails which might give the wrong intentions otherwise.

Foxtrot Twitter Joke

Services like twitter are cool, though I do not use them personally despite pressure from many for me to join, I think such services are just there to satisfy the exhibitionism need of the modern wired generation. So as as shred web developer I worked with once told me: “There was Friendster, Myspace, Youtube, Multiply, now Facebook, you can’t go wrong satisfying the age of exhibitionism now on the web”. And that seems to be true, with an explosion of social networking sites saturating the web like never seen before, came the first Facebook elections, opposition online campaigns in Malaysia to various online scandals in China we see today.

Like it or not, with so much power to reach out the masses on the net now comes great responsibility- one must practice restraint. I once read chirpily on an article on the Straits Times on people who tweet or use the notorious “what are you doing now” field on Facebook as if they’ve hard wired their chain of thought right into the internet- everything from brushing your teeth in the morning to even voicing opinions or secrets that may possibility sow discord among people.

I was once asked in an interview about the compel-lance of one to blog or voice out to the world, just like you know, whether do bloggers for example see blogging as an activity only when there is a time for it or one which have to be fueled like feeding an addiction. I guess it all boils down to restraint.

Restraint is a skill I guess needs to be nurtured not only to protect the privacy of others but yours as well including your rights. Technologically wise, it’s just to easy to snap and upload any content instantly. Psychologically-wise, I guess there is still much work to be done. I recalled being asked on razor TV once on the need of self-moderation as a blogger, personally I guess it just boils down to the nature and the stand of your blog and intended audiences and your ability to handle the consequences beyond your actions. So say, if you are writing a political blog, so be it only if you can make your stand, justify them accordingly and prepare for the flak which follows. The same goes for blogs of other nature such as those requiring critique or reviews. The funny thing is that words are mighty as it is and interpretations only lie in the eyes of the interpreter. Taking Obama’s latest remark on the Jay Leno show few days ago, obviously he wasn’t making a direct comparison of his bowling score with the special Olympics, but many do not think otherwise.

Just as the saying goes “empty vessels make the loudest noise”. I ponder whether such sayings are very much applicable on the internet age now.

30th Jul
Wednesday, July 30th, 2008

Street Directory.com back online with dragable maps

Posted by Shaun at 12:51 am under Current Issues | 4387 Reads | 8 Comments

If you were to followup my past articles on virtual map (aka the peeps who run the streetdirectory.com web portal) being shut down by the SLA Singapore Land authority after breaching copyrights, only to be revived back online only to be left without it’s maps after being denied it’s appeal to get back up into operations. Got a tip of from Virtual Map PR recently that the website is back now online with its maps! Ya! no more messing around trying to make the dumb and ridged SLA maps services work for me.

The site is now owning by the company which created JobsDB, so it’s not owned by virtual map anymore, but 10 of the senior staff previously from virtual map had joined the present website team. Dissecting the site, the interface is largely the same, so no revamp of the current site design, only with the functionality of the maps back online and running. In fact it’s even better than before with dragable maps just like in google earth. Dominated throughout the site are still litters of google ad-sense advertisements which always seem to crowd and over-saturate all the pages you visit there. I will recommend a google adsense ad-blocker (firefox has few good add-ons) when visiting this site if you do not want to accidentally click on the very deceiving well-placed ads.

For those looking for directions via public transport, you are not in for anything new either- SMRT bus services are still not included in the Bus search, but the SBS and MRT ones are still good.

Now time to get finding some places!

13th Jul
Sunday, July 13th, 2008

iPhone 3G release in Singapore- September

Posted by Shaun at 4:08 pm under Current Issues | 12287 Reads | 13 Comments
Update: The iPhone is said to be out on August 22nd 2008. This is confirmed with newspaper reports on the Straits Times.
iPhone 3G release singapore

Just as September is brining Singtel how on the heels with the first Formula one night race, looks like we are seeing a trend here here the release of the iPhone on your sunny shores (and India) in September as well. Yes you heard it right Singapore, September is the month to get it officially and legally through SingTel.

There are rumors that an estimated ten thousand iPhones will be imported into Singapore for the deal, and there may be a change with Apple’s tight policy of monopolizing only on selected carrers, so as told by Apple’s chief operating officer Tim Cook- Speaking at the Goldman Sachs Investment Symposium on the iPhone not being beholden to the one-carrier strategy used so far, even if it makes the most sense from a business standpoint. More freedom to Mac lovers?

Cook made the observation when asked why Apple hadn’t seen fit to offer either an unlocked version or multi-carrier offerings from the outset, noting that the particular conditions of the US and the initial launch made it impractical to try and satisfy every carrier and user. For Americans, Apple would have had to release at least two iPhones — one for CDMA networks and one for GSM — potentially making the learning process overly complex for the public. This model could change over time, he says, but the ultimate plan is to provide the best possible experience early on. The existing tie-in with AT&T gave Apple a large amount of coverage while allowing both companies to be themselves, and a simple experience for first-time users.

“We’re not married to any business model,” Cook explained. “What we’re married to is shipping the best phones in the world.”

He added that for some areas to get the iPhone, it might be necessary to drop even staple features of most cellphone services. Some areas rarely if ever offer post-pay (subscription) cellphone service, for example, which would require a setup process devoted solely to prepaid options. This isn’t a sign of things Apple will or won’t do in the market, Cook warned investors. The officer also reiterated that there would always be a certain level of hacking no matter how widespread the phone might be, if simply because the demand exists. When users outside of official areas are “stepping over each other” to import iPhones, that indicates significant potential, he said.

The Apple senior staffer also noted that the iPhone’s price cut to $399 during the holidays wasn’t just a reaction to customers who thought the device was too expensive. It helped build momentum and a user base for the upcoming SDK, which he said would let programmers “only be limited by [their] imagination.”

Beyond the iPhone, Cook acknowledged but downplayed concerns that the market for digital music players was oversaturated and cooling off. In a rare admission, the COO admitted that sales for the iPod shuffle had lagged by 17 percent worldwide during the holidays and was the key factor behind new price cuts that should help rekindle sales.

There was also likely some cannibalization of iPhone sales by the iPod touch, but the iPod sold well and needed to be out in the market to set the groundwork for the Wi-Fi mobile platform it represents, he said. However, Cook reassured investors and analysts at the Goldman Sachs event by characterizing the iPhone as the company’s greatest chance at success to date. Apple is still on track to sell 10 million iPhones in 2008, he said — a statement that sent the company’s share price up over 3 percent in after-hours trading.

The iPhone is already an “incredible accomplishment,” he said, but has far more potential in the long term. “I need a word bigger than ‘enormous’ to describe it.”

Given that, there may be a degree of variation from country to country, so don’t be expecting the iPhone 3G to be available to M1 or Starhub telcos as of yet, it’s so far exclusive to Singtel and possibility with the phone locked to ST networks just like how AT&T had been doing it. A first to Singapore as for now? With that, there is no official word whether the phone will be available in Singapore unlocked for other telcos, though Singtel is the only official carrier to sell and distribute the phone here as of now. Its widely expected that by the time it gets out here, the iPhone will be a revised version, presumably utilizing the new 3G chipset to keep up with the competition and local network speeds here in Asia.

So Singaporeans do what you always do your country proud for, its a national sport! Start queuing up (and setting up camp) for the iPhone 3G at the Singtel comm center now!

External info links:
Review of the Apple 3G phone | Blending your iPhone 3G for starters

4th Jun
Wednesday, June 4th, 2008

Obama wins, Clinton wavers!

Posted by Shaun at 12:29 pm under Current Issues | 3090 Reads | Post Comment
Barack Obama Crowd

Barack Obama, have a lock on the Democratic presidential nomination. As things are looking up for their party, it’s time the wounds are healed between the party’s favorite candidates as Clinton maneuvers for the Vice President slot.

As quoted by Obama speaking in a packed sports arena:

“Senator Hillary Clinton has made history in this campaign not just because she’s a woman who has done what no woman has done before, but because she’s a leader who inspires millions of Americans with her strength, her courage, and her commitment to the causes that brought us here tonight.”

“Our party and our country are better off because of her, and I am a better candidate for having had the honor to compete” with her, he said.

Let be another chance for the 1st US lady president, this will be a founding moment for the Blacks in the US history. And will Martin Luther King, Jr will be proud.

3rd Jun
Tuesday, June 3rd, 2008

The new north gas laws- a possible drifter for ties?

Posted by Shaun at 1:08 pm under Current Issues | 2341 Reads | Post Comment
A race to conquer tomorrow

Well there had been quite alot in the news of the new cross-border pump rules for Singaporean vehicles up north, let be those from Thailand similarly not able to pump subsidized petrol 50km from the borders. I remembered it being almost implemented and mentioned last few weeks only to be rumored to be scrapped, but revived again in today’s Straits Times. As with every new rule introduced, there will be bound to be flak and comments.

If you are to consider this new rule just another in the bag similar to those cross-border water issues of the past or let be fighting over rocks and islands on the South China sea, well that is open for anyone’s deduction, especially if you can see that coming (will cigarettes be next?). Notably official remarks on the issue from our side had been rather quiet as well.

Just as you can hear those petrol station bosses on the fringe of the 50km radius dancing with glee, with that comes many talk about it in town as well, let be coffee shop talk. You also can’t deny the possible social, geographical zoning and monetary implications of this already topic, especially with Singapore long standing 3/4 tank rule seeming rather irrelevant now as well.

with traffic clogging up the behind them!

This is to very much of dismay to those who work across or run businesses across the causeway as well. My dad recently told me how some of his Singapore-based friends who set up businesses and factories just across the border expressing deep dissatisfaction of the rules making life more difficult for them, given the already high prices of petrol.

The question looming in their heads right now is them questioning the recognition of their investment efforts in Johor itself (even I will give it some thought if I were in their shoes). There are also a handful of Malaysians I know as well who are affected by it, having own Singapore registered cars as well. So it’s not just a matter of who’s driving it, but where the car came from? Or will that be a possible area of exploitation? As ultimately, won’t it the owners/citizens themselves who are open for local tax related exemptions/issues?

Whatever the implications, just as how we respect any policies of the north, we should not take lightly the possible social implications involved.

22nd May
Thursday, May 22nd, 2008

Redefining “Is bad news really good news?”

Posted by Shaun at 10:04 pm under Current Issues | 2296 Reads | Post Comment

Hadn’t been following in depth much on current issues, except the headlines lately, being tied down at work, tomorrow is my last day as a official “sai-kang” staff in SP so things are starting to pick p the pace again.

Looking at the recent front page headlines of the Straits Times since last week with nothing but death and destruction featured day to day, it’s not like we’ve already got enough of the typhoon and earthquakes already. This is also of course with the exception of noting the good intentions and relief efforts from few countries, but otherwise a breeding ground for international “IOUs” and opportunistic donors to take the limelight on the media. Maybe I should avoid the local papers in the meantime till our press cools down and divert their attention to something more less depressing, like maybe 2 countries fighting over a lighthouse island for starters?

Laughingly are also are the criticisms to Yao Ming’s relatively minute contribution of $50,000 to his country’s earthquake relief fund, cited as “an amount given which has no significant effect to his bank account (of $55 million)”. Given China notorious for their mostly not so socially conscious people, it simply paints the fact that even a basketball star like him can think that the people in own country are not deserving of a generous donation? Well it seems like a big smack in the back for China with the Olympics around the corner.

Oh yea other news, David won in this 7th season of American idol, which David? well go watch it then!

Thats all I have for the “news” part. Now back to typing out the southern ridge park connector article I’ve been working on since the last 2 days after uploading all the photos yesterday, it will be a 3 page special we can see up by the weekend in the shiny new running routes page (check it out at my navigation menu link!) as well, if everything goes as planned.

19th May
Monday, May 19th, 2008

How to recognize spam phishing emails (adsense, websbiggest.net, Paypal, HSBC, etc)

Posted by Shaun at 11:14 am under Current Issues | 28840 Reads | 7 Comments

All about Phishing
Phishing is nothing new to most web users nowadays, but despite how aware we are, there will always still be people who get caught unaware by them, even I was almost fooled once. Phishing mails had came a long way from simple autonomous plain-text mails to nicely detailed craft emails from various banks or monetary organizations- all made to appear like official emails to cheat or exploit their victims. While thankfully most phishing emails often appear obviously different from the genuine ones, though there are some exceptionally very good ones which mimics the official email letterhead on top of masking emails and sender’s addresses.

I found this of a concern as I believe that almost most people out there are users of these few payment or banking services, so there will bound to be exploits and cause for concern. Here are 3 “rather commendable” emails I’ve received personally myself to date which I will be using as examples for my illustration:

Case one- Paypal account deactivation (one of the possible “problems” your account can have)
For long paypal has always emphasized that they do not send out any emails to users with regards to asking for personal account information. The only time you will get an official email from them is upon registration.

Paypal phishing spam emails

This email I’ve received is one the best ones I’ve got which looks almost like the real thing. With proper image headers, support, contact and paypal addresses at the email footer as well- it simply amazes me is how professionally laid out it is and how phishing emails had came through. This particular ones states you account has been suddenly deactivated and have to follow up to their “resolution center” with your login details to verify your account so it can you it again- very cunning.

Checking the email URLs for authenticity
Upon closer inspection in the HTML coded url, it actually points to a site other than paypal.com. So a good habit in outlook is to hover over any hyperlinks to see which root domain is it actually pointed to (in this case one called “update-informations.com” with a “paypal” subdomain). I can presume that these cheaters also use the same domain for other banks simply by changing the subdomain, e.g. HSBC.update-informations.com or CITI.update-informations.com.

A general rule is anything originating from your bank’s root or top-level domain (TLD) is genuine, this includes it’s subdomains (e.g. anything before the “.” like sgsubs.subway.com- “sgsubs” is the subdomain), to the domain name (or mid level domain MLD) itself (e.g. subway.com) and subfolders, anything following after the slash “/” from the TLD (e.g. subway.com/blt_special), with the following examples you can test yourself with:

– https://anything.paypal.com = Real (though they seldom use subdomains)
– https://www.paypal.com = Real
– https://www.paypal.com/cgi-bin = Real
– http://login.data.paypal.com = Fake (masked MLD)
– https://paypal.com.survey-infos.com = Fake (another masked MLD)

Another good way to tell you are on a real site is the presence of secure http, or the secure hypertext protocol denoted by https:// before your actual URL. The absence of a website icon can also be a give away as well. You can read more in relations to paypal at their Security Center.

I’ve received similar official looking emails from “HSBC” and “Bank of America” as well. However, these emails are more or less based on the similar hit-and-run principal- in other words you can’t fool people unless you are either a member of any of those banks. It was a dead giveaway for me as I was neither a HSBC or Bank of America member, so something was definitely amiss.

Such emails can take few over forms as well, such as asking you to update your personal particulars (e.g routine update, survey, etc) to an email warning you of unauthorized account access, alerting you to “login” immediately to rectify the problem. Remember, banks WILL not ask you for account information through email, they will always mail it to your physical home addresses. When in doubt, ALWAYS call your bank to confirm the email before proceeding or even providing any personal information, and please do yourself a favor by not calling the phone numbers listed in the phishing email itself.

Google adsense/adwords phishing emails

Case two- Update my Google Adsense details?
Being a Google advertising user myself, I believe most users will simply pounce at any official email sent from them. But won’t all members be confirmed of their details through snail mail and only at the point of registration? Why the email out of the blue? In fact, these emails will be the same for other “problems” to get your attention to act, such as account intrusion, account deactivation, etc… Sneaky…

The page is made to look like a standard plain text email, but it is infact HTML coded, so the URLs shown are not the true URLs. As suspected, what appears to be a link pointing to http://adwords.google.com/ is rather, directed to a subdomain with “adwords.google” on the root domain “g500oz.cn”, a China registered website. Now ain’t that sneaky or what?

Hidden sender’s email- who actually sent the email?
At a glance, the email header reads, “adwords-noreplay [adwords-noreply@google.com]”, though the word “replay” is already a big giveaway, do note that sometimes phishers put a true-looking email as their sender’s email name (where we normally put to address names such as “John Tan”, or “Jennie Tay”). This is a flaw in outlook as it will automatically renders the next best available thing- if a name is provided, it will show the name, if not an email will be shown. Doing it seemlessly by default may allowing phishers to mask the true senders “from” email address from the user’s view unless you view the actual message properties. So, in all do not trust what you see in the outlook headers, especially if you suspect the source of it.

Encoded/variable URLs – do not click!
This URL however (adwords.google.com.g500oz.cn/select/Login), is safe if you accidentally click on it. As the most just your browser type, screen resolution settings and IP address (which gives geographical info) can be captured which actually means nothing to them. Thereafter, the most you will be directed to is a “ripped” login site made to look like the host’s site where “logging” won’t get you anywhere, but all your real login data captured and stored to be later exploited.

However, if you were to encounter a link however one in the format: “www.phishingsite.com/webscr?cmd=_your@email.com” or with your@email.com replaced with a numerical id such as “file.php?=&id=232137” with a question mark character tied to a variable/parameter (I have an example in the following case 3), these will actually send a verification back to the phisher/spammer server indicating that your email is indeed active. You can only expect more spam to come your way when that happens.

Case three- websbiggest.com or websbiggest.net?
This example is not much of phishing case but simply one of the most ingenuous ones I came across in verifying your active email. It’s very interesting one and I will believe will fool most users due to the very legitimate look of the domain name and how the site appears to look.

Websbiggest.net phishing email check

The email I’ve received from them has an encoded URL for me to click and “verify” my search engine submission, going by “websbiggest.net/update.cmf?d=shaunchng.com”. It’s outright, not hidden and is a legitimate top level domain (TDL), seems to be OK with no problems and most webmasters would simply pounce on free search engine submission.

I however, copied the TDL “websbiggest.net” and pasted that in my browser for verification, the page loads and it appears completely normal. Upon closer inspection, the URL I was directed too was perfect (www.websbiggest.net) and no hidden subdomains or HTML overwritten hyperlinks just like in the adsense and paypal email. I was paranoid, as it was a completely legitimate and functional search engine, till I started mouseovering all their links and they all point to the “http://websbiggest.com/” domain. Got ya!

Besides having a keen eye for detail (or you will miss this one) some background knowledge of your search engine submissions will be useful as well- I’ve never added my site on the webbiggest.com search directory but “they” had sent me a rather looking legitimate email with a full site description of my site (presumably taken from my site’s meta description or google cache). I verified that the .net TDL and the .com TDL are indeed 2 separate identities.

Websbiggest.net and Websbiggest.com nameserver check

In other words, the search engine with the .com top level domain (TLD) is real, but the page with the different .net TLD is actually a container housing the .com site inside it so it appears active. Another way to verify this is to check the page info (firefox) or page properties (in IE) by right clicking the page. People using internet explorer can only do so by selecting “view source” on the page they right click on, where firefox will allow you to view the source of specific frames- prompting you that the page you are viewing has nested frames.

A closer look at the domain registrar verfies my claim, the legitimate .com domain has a proper DNS and nameserver: NS1.WEBSBIGGEST.COM and NS2.WEBSBIGGEST.COM while websbiggest.net is registered with all similar “ripped” contact details, only that the account is registered anonymously and pointed to nameservers from DirectInc, (NS0.DIRECTNIC.COM and NS1.DIRECTNIC.COM) a budget webhost based in New Orleans, LA.

What amazes me is the extent and measures phishers take into creating their phishing emails directed to their “cheat sites”, this one is a good example.

When encountering such emails, just simply ignore and delete them and you will be safe. Do not attempt to reply them too.

I hope this article with these few examples helps you into your awareness of phishing emails and how to properly handle them despite resembling like their legitimate counterparts. It will be sometime before phishers get their capabilities up again and that is only when arming ourselves- the end user with these basic habits where we can minimize exploits and fraud not only for yourself but for your immediate loved ones as well.

 Page 1 of 3  1  2  3 »


Search box

Ads