When people get an email from their bank, the last thing they suspect is a scam, so of course, cybercriminals regularly exploit the trademarks of well-known banks to make their phishing emails more convincing.
MailGuard has intercepted a new run of scam messages using the branding of ANZ Bank and advising victims “your access has been temporarily locked.”
The messages go on to say “your profile will be permanently locked if you do not confirm your login details correctly. To keep your account safe please log on to proceed.”
The emails contain a link, made to look like it points to an ANZ Bank login page, but actually directing the victim to a phishing site:
The screenshot above shows the bogus login page designed by the scammers. You can see that the site looks quite convincing, with ANZ trademarks and logos.
Once the scam victim has entered their bank login details, they are directed to a second page, shown below, which asks them to submit their security verification data:
The sole purpose of this elaborate phishing site is to harvest the login credentials of ANZ customers so the criminals behind this scam can break into their bank accounts.
This scam was prevented from reaching the inboxes of MailGuard customers.
If you do not have MailGuard inbox protection yet, please keep an eye out for this scam; to help you identify it, here is a list of some of the sender addresses used in the fraudulent emails:
Hovering your mouse over the “from” field in the message should reveal the actual sender address.
Please help us alert people to this scam attack by sharing our Tweet with your network:
#ZERODAY #FASTBREAK We've blocked an email #brandjacking @ANZ_AU, links to a #phishing site asking for username, password and answers to security questions before redirecting to a legitimate site. Sender domain: live(dot)mercer(dot)edu https://t.co/lsBBHfOG58 @scamwatch_gov pic.twitter.com/AG19tUxEm8 — MailGuard (@MailGuard) April 29, 2018
Tell-tale signs of email scams:
- Generic greetings, such as ‘dear customer’
- A sense of urgency, e.g. “ensure your invoice is paid by the due date to avoid unnecessary fees”
- Bad grammar or misuse of punctuation and poor-quality or distorted graphics (this attempt isn’t let down by bad grammar, making it more likely some people will take the bait)
- An instruction to click a link to perform an action (hover over them to see where you’re really being directed)
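The two manual checks described above (the real sender address behind the “from” field, and where a link really points) can also be run automatically over a message. This added example is not MailGuard's code; the brand domain allow-list, the function names and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

BRAND_DOMAINS = {"anz": {"anz.com", "anz.com.au"}}  # assumption: defender-maintained allow-list

class LinkCollector(HTMLParser):  # collects (href host, visible text) for each <a>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((urlparse(self._href).hostname, "".join(self._text).strip()))
            self._href = None

def is_brand_host(host, domains):
    return any(host == d or (host or "").endswith("." + d) for d in domains)

def brand_mismatches(raw_message):
    """Return (kind, brand, host) wherever the brand is named but the host is not the brand's."""
    msg, out, collector = message_from_string(raw_message), [], LinkCollector()
    display, addr = parseaddr(msg.get("From", ""))
    sender_host = addr.rpartition("@")[2].lower()
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            collector.feed(part.get_payload(decode=True).decode("utf-8", "replace"))
    for brand, domains in BRAND_DOMAINS.items():
        named = re.compile(rf"\b{re.escape(brand)}\b", re.I)
        if named.search(display) and not is_brand_host(sender_host, domains):
            out.append(("sender", brand, sender_host))  # display name claims the brand
        for host, text in collector.links:
            if named.search(text) and not is_brand_host(host, domains):
                out.append(("link", brand, host))  # link text claims the brand
    return out

# Constructed sample message (not taken from the campaign).
SAMPLE = '''From: "ANZ Internet Banking" <notice@mail.sender.example>
Content-Type: text/html; charset="utf-8"

<a href="http://login.phish.example/anz/">Log on to ANZ Internet Banking</a>
<a href="https://www.anz.com.au/security/">ANZ security centre</a>'''
```

Calling `brand_mismatches(SAMPLE)` reports the sender host and the first link, and leaves the link that really points at an allow-listed domain alone.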
Stop email fraud
Cybercriminals know we can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.
People aren't machines; we're all capable of making bad judgement calls. Without email filtering protecting your inbox, it’s all too easy to have a momentary lapse of judgement and click on the wrong thing.