A realistic replica landing page is the hallmark of an ANZ phishing scam which aims to steal banking log-on information.
The medium-scale attack was intercepted by MailGuard today. None of 68 other major security vendors identified the link as malicious this morning.
The plain-text email tells recipients to update their contact details by clicking a link.
The link directs users to a fake but realistic-looking ANZ website, which asks for a customer number and password. The suspicious domain address is one giveaway that the page is not legitimate.
Those who fall victim are then directed to another phishing page, complete with ANZ branding. This one asks victims to input their three security questions and answers.
Known by ANZ as ‘Challenge questions’, they add an extra layer of protection against fraudsters. The questions request information such as father’s middle name or mother’s birthday.
After clicking ‘Continue’, users are told their session has timed out. If they click the option to ‘Log on again’ they’re directed to the correct ANZ website, usually in an effort to mask the phishing attempt.
The phishing emails originate from a set of compromised email addresses, and the phishing pages are hosted on compromised websites running WordPress.
What’s the risk?
By typing in your account number and password, you’re handing this sensitive account information to cybercriminals.
If you also tell the scammers your security question, it allows them to attempt other fraudulent actions, such as calling the bank and trying to access your accounts.
How ANZ fights phishing attempts
ANZ is vigilant about customer security. The bank advises that it does not send emails asking for personal information or security credentials.
Its website offers these tips on preventing online fraud attempts:
To minimise your chances of becoming a victim of a phishing scam, ANZ advises:
For a few dollars per staff member per month, add MailGuard's cloud-based email and web filtering solution to your business security. You’ll significantly reduce the risk of new variants of malicious email entering your network.
Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update or following us on social media.