Annamaria Montagnese, 16 May 2016 15:15:52 AEST

New ANZ Scam: Security Upgrade Email Targets Online Banking Users

A new phishing scam was identified by MailGuard earlier today, targeting a particularly large number of ANZ online banking users.

The scam, which appears legitimate with the exception of a handful of grammatical errors, features the subject line ‘Important Notice!’ and, ironically, asks recipients to upgrade their accounts to maximize their security.

Here is a sample of the email, with the sender email address appearing to be from anz.com.au.

[Image: sample of the ANZ phishing scam email, May 2016]

The email is not personally addressed to the intended recipient, but asks that recipients ‘log on’ via a link contained within the email. Clicking the link takes users to a fake landing page that looks almost identical to the legitimate site:

[Image: sample of the first phishing landing page, May 2016]

You will notice the URL is not at all related to the legitimate ANZ URL; however, unsuspecting recipients may easily miss this detail. The cybercriminals are hosting the phishing page on a compromised website.
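The mismatch described above, between the sender domain the email claims and the host its link actually points to, can be checked automatically. The following is an added example, not MailGuard's code: the message is a constructed sample, and `shop.example.net` is a placeholder standing in for the compromised site.

```python
import email
from email import policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample message (not the real scam email).
SAMPLE = """\
From: ANZ <noreply@anz.com.au>
To: user@example.org
Subject: Important Notice!
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<p>Please upgrade your account to maximize your security.</p>
<p><a href="http://shop.example.net/secure/logon.html">Log on</a></p>
<p><a href="https://www.anz.com.au/security/">Security centre</a></p>
"""

class LinkCollector(HTMLParser):
    """Collect every href found on <a> tags in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def same_site(host, domain):
    """True when host is the domain itself or one of its subdomains."""
    host, domain = host.lower().rstrip("."), domain.lower()
    return host == domain or host.endswith("." + domain)

def off_domain_links(raw_message):
    """Return (claimed sender domain, web links pointing outside it)."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    sender_domain = parseaddr(msg["From"])[1].rpartition("@")[2]
    collector = LinkCollector()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            collector.feed(part.get_content())
    web = [u for u in collector.hrefs if urlsplit(u).scheme in ("http", "https")]
    return sender_domain, [u for u in web
                           if not same_site(urlsplit(u).hostname or "", sender_domain)]

if __name__ == "__main__":
    domain, links = off_domain_links(SAMPLE)
    for link in links:
        print(f"sender claims {domain}, but link goes to {urlsplit(link).hostname}")
```

Treat a hit as a signal for review rather than a verdict, since legitimate mail can also link to third-party hosts.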

After users have entered their Customer Registration Number (CRN) and Password, they are redirected to a second phishing page. While the cybercriminals already have a copy of users' online banking credentials at this point, the second page tries to find out the answers to the security questions used for access to an online account. These answers may also help the cybercriminals to access other online accounts in the event that the security questions are the same.

[Image: sample of the second phishing landing page, May 2016]

When users hit ‘Continue’, they are redirected to a landing page which suggests their session has ended, and asks them to log in again. This directs users back to the legitimate ANZ online banking page, and may mean many users remain none the wiser that they have been scammed.

How can I protect myself from these types of email scams?

To reduce the risk of being tricked by one of these scams, you should immediately delete any emails that:

  • Seem suspicious and ask you to download files or click any links within an email to access your account.
  • Purport to be from businesses you may know and trust, yet use language that is not consistent with the way they usually write (including multiple grammatical errors).
  • Ask you to click on a link within the email body in order to access their website. If unsure, call the company or person directly and ask whether the email is legitimate.


ANZ ask customers to report any unusual transactions or phishing scams. This helps ANZ to alert other customers and to be vigilant for any possible illegitimate transactions.

We recommend that you share these tips with your staff to make them aware of these campaigns. By employing a cloud-based email and web filtering solution like MailGuard, you’ll also reduce the risk of these new variants of phishing from entering your network in the first place.

First to stop new attacks, MailGuard is consistently between 2 hours and 48 hours ahead of the market in preventing zero-day threats.
