I’ve seen email which appears to be from an online banking/trading site. The wording of the email explains that there are some additional security features that have been activated for the site and that the recepient must connect to the site by following a link.
Don’t follow links in emails. It’s tempting but should be avoided as misdirection of your browsing session can result – in other words – you can be sent to a spoofed page without your consent.
The resulting page (displayed in your browser) is actually hosted by the hacker(malicious individual(s) ).
Be very wary about ANY site which prompts for login credentials or any other Personally Identifiable Information(PII). In particular make sure that such sites have an address starting with “https” rather than “http” – this signifies that the webserver hosting the site has authenticated itself to the browser. Click on the padlock icon to check that the website name matches that listed – if this is the case then it’s incredibly unlikely the site is a spoof. Incidentally “https” also signifies that the communications between your web browser and the web server are encrypted.
The page in questions looked realistic though wasn’t using “https”(SSL) and prompts the user to enter their credentials. If you see such as site IMHO you should not proceed to enter your login information or any other personal information as it’s quite possible that the site is a copy which is being hosted by a hacker.
Most people use the same password for multiple websites(as it’s difficult to remember unique ones for each) and hence such a scam can harvest(gather) login credentials and attempt to use them to sign onto other well known services such as your email or other trading/banking sites.
IF YOU IGNORE THESE WARNINGS and proceed then the next page typically requests personal information often including your bank PIN number and the security digits located on the back of your bank card – obviously such information is VERY useful for a hacker!