Security Market Segment LS
Wednesday, 05 June 2019 00:17

Cyber criminals use ‘banks’ as phishing email scam attacks increase Featured

By
Cyber criminals use ‘banks’ as phishing email scam attacks increase Image Stuart Miles at FreeDigitalPhotos.net

The banking industry is increasingly becoming a favourite among cyber criminals, according to security vendor MailGuard, which has detected a new phishing email scam purporting to be from Westpac.

MailGuard said that after intercepting multiple variations of an email scam “spoofing” the National Australia Bank earlier on Tuesday, it had now identified the new scam with scammers using a display name "Westpac Bank", with the emails actually sent by what appears to be a compromised account.

“The message body is in plain-text, advising recipients that some unusual activity was noticed on their account. Their account has been temporarily locked and a link is provided to re-activate their account,” MailGuard said in a statement.

MailGuard says unsuspecting recipients who click on the link are led to a Westpac branded phishing page, asking for their account ID and password.

“Once they enter these details, they are taken to a second page asking for some personal information, such as date of birth, mobile number and driver’s licence number (see westpac 3),” Mailguard notes.

“When this second page is submitted, the user is shown a page stating their account is being verified, after a short pause they are redirected to the actual Westpac bank login page.

“Whilst this attempt isn’t as sophisticated as many other examples we have seen, it will still fool less vigilant recipients into entering their login credentials.

“Phishing preys on the weakest link in the IT security chain – users. Tricking someone into handing over their password is far simpler than breaking into a bolstered system. As a result, hackers use tactics such as brandjacking to manipulate users and obtain sensitive data,” MailGuard cautions.

Here are certain signs that MailGuard says point to this email’s illegitimacy:

  • The plain-text email has no branding or customised information. It starts with "we noticed some unusual activity in your account" with no further details about this activity.
  • There are several grammatical inconsistencies such as "Sign On here", and the lack of proper punctuation (‘re activate’).
  • Real banks never direct their customers to click a link to sign in to resolve an issue.

And, as a precaution, MailGuard urges email users not to click links within emails that:

  • Are not addressed to you by name.
  • Appear to be from a legitimate company but use poor English, or omit personal details that a legitimate sender would include.
  • Are from businesses that you were not expecting to hear from.
  • Take you to a landing page or website that is not the legitimate URL of the company the email is purporting to be sent from. The URL for Westpac’s Internet banking login page is: https://online.westpac.com.au

BUSINESS WORKS BETTER WITH WINDOWS 1O. MAKE THE SHIFT

You cannot afford to miss this Dell Webinar.

With Windows 7 support ending 14th January 2020, its time to start looking at your options.

This can have significant impacts on your organisation but also presents organisations with an opportunity to fundamentally rethink the way users work.

The Details

When: Thursday, September 26, 2019
Presenter: Dell Technologies
Location: Your Computer

Timezones

QLD, VIC, NSW, ACT & TAS: 11:00 am
SA, NT: 10:30 am
WA: 9:00 am NZ: 1:00 pm

Register and find out all the details you need to know below.

REGISTER!

ADVERTISE ON ITWIRE NEWS SITE & NEWSLETTER

iTWire can help you promote your company, services, and products.

Get more LEADS & MORE SALES

Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]

OR CLICK HERE!

Peter Dinham

Peter Dinham is a co-founder of iTWire and a 35-year veteran journalist and corporate communications consultant. He has worked as a journalist in all forms of media – newspapers/magazines, radio, television, press agency and now, online – including with the Canberra Times, The Examiner (Tasmania), the ABC and AAP-Reuters. As a freelance journalist he also had articles published in Australian and overseas magazines. He worked in the corporate communications/public relations sector, in-house with an airline, and as a senior executive in Australia of the world’s largest communications consultancy, Burson-Marsteller. He also ran his own communications consultancy and was a co-founder in Australia of the global photographic agency, the Image Bank (now Getty Images).

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments