Customers and non-customers are vulnerable to the scam, which asks people to click to view a ‘Secure Message’.
Those who take the bait will in fact download a trojan – used by cybercriminals to hack computers.
MailGuard detected and blocked the malicious email to its global customers this morning, however new iterations of the scam continue to be delivered en masse this afternoon
The email looks legitimate and includes CBA corporate colours. However the attachment includes an old version of the Microsoft Office logo.
The emails came from a recently-registered domain, with the email address firstname.lastname@example.org. They were sent from cloud-hosted servers in Hong Kong, but the attack could have originated anywhere.
The attached document contains a malicious macro that when executed, downloads a virus from a remote location. By instructing recipients to click ‘enable editing’, and then ‘enable content’, it uses the victim to activate the virus.
What is a macro and why is it dangerous?
By enabling a macro, email recipients are allowing criminals to automatically install malicious files, such as Trojans or keyloggers.
Trojans sit quietly in the background, taking actions not authorised by the user, such as modifying, stealing, copying or even deleting data.
A keylogger is spyware that can watch and record your keystrokes. It can see what you write in an email, what passwords you enter on a banking website, or any other information you provide online.
This malware is dangerous because it runs in the background, recording your actions, without your knowledge. It might not be discovered until months later, when you realise somebody has been accessing your bank account.
Advice from the Commonwealth Bank on scam emails
The CBA website says the bank never sends out emails asking customers to confirm, update or disclose any confidential banking information.
“If you receive an email you believe may be a hoax please forward it as an attachment to email@example.com,” the bank states.
For a few dollars per staff member per month, add MailGuard's cloud-based email and web filtering solution to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network.
Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update or follow us on social media.
Media contact: Jaclyn McRae: firstname.lastname@example.org