ANZ Bank trademarks exploited in phishing scam

Posted by Emmanuel Marshall on 30 April 2018 13:52:12 AEST


When people get an email from their bank, the last thing they suspect is a scam, so of course, cybercriminals regularly exploit the trademarks of well-known banks to make their phishing emails more convincing.

MailGuard has intercepted a new run on scam messages using the branding of ANZ Bank and advising victims “your access has been temporarily locked.” 

180430-anz-4

The messages go on to say “your profile will be permanently locked if you do not confirm your login details correctly. To keep your account safe please log on to proceed.”
The emails contain a link, made to look like it points to an ANZ Bank login page, but actually directing the victim to a phishing site:

180430-anz-2-1

The screenshot above shows the bogus login page designed by the scammers. You can see that the site looks quite convincing; with ANZ trademarks and logos.

Once the scam victim has entered their bank login details, they are directed to a second page- shown below - which asks them to submit their security verification data:

180430-anz-3

This sole purpose of this elaborate phishing site is to harvest the login credentials of ANZ customers so the criminals behind this scam can break into their bank accounts.

This scam was prevented from reaching the inboxes of MailGuard customers.

If you do not have MailGuard inbox protection yet, please keep an eye out for this scam; to help you identify it, here is a list of some of the sender addresses used in the fraudulent emails:

  • abby.bushey@live.mercer.edu
  • addie.grace.dillard@live.mercer.edu
  • alaina.g.dawson@live.mercer.edu
  • alaina.k.davis@live.mercer.edu
  • alexandra.lynn.pulaski@live.mercer.edu
  • alicia.ann.mikowski@live.mercer.edu
  • andrew.1.robinson@live.mercer.edu
  • angela.d.beavers@live.mercer.edu
  • raul.valerio@live.mercer.edu
  • tara.l.douglas-davis@live.mercer.edu
  • willie.a.coneway@live.mercer.edu

Hovering your mouse over the “from” field in the message should reveal the actual sender address.

Please help us alert people to this scam attack by sharing our Tweet with your network:

 

Tell-tale signs of email scams:

  • Generic greetings, such as ‘dear customer’
  • A sense of urgency, e.g. “ensure your invoice is paid by the due date to avoid unnecessary fees”
  • Bad grammar or misuse of punctuation and poor-quality or distorted graphics (this attempt isn’t let down by bad grammar, making it more likely some people will take the bait)
  • An instruction to click a link to perform an action (hover over them to see where you’re really being directed)

 

Stop email fraud


Cybercriminals know we can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.

People aren't machines; we're all capable of making bad judgement calls. Without email filtering protecting your inbox, it’s all too easy to have a momentary lapse of judgement and click on the wrong thing.

For a few dollars per month, you can protect your inbox with MailGuard's predictive email security.

Talk to an expert at MailGuard today about making your email secure: click here.

 

Stay up-to-date with new posts on the MailGuard Blog by subscribing to free updates. Click on the button below:

Keep Informed with Weekly Updates

 

 

 

Topics: Phishing ANZ email fraud ANZ scam scam email Threat Update bank scam

Back to Blog

Comments:


Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.

Remember:

  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Recent Posts

Posts by Topic

see all