Daniel McShanag 28 May 2019 13:30:53 AEST 3 MIN READ

BankWest customers targeted in latest email scam

BankWest is the latest bank to be brandjacked in another online banking scam this week. Customers are informed in an email that their “online access will be discontinued and deleted ... due to a failure to comply with our online update regulations.”

The email advises recipients “To avoid the above action, use the Bank West online update form attached to this email.”    

Screenshot from 2019-05-28 08-58-54

The scam follows a similar email late last week purporting to be from ANZ Bank relating to their online banking services.

The BankWest message is a simple plain-text email, that directs customers to an HTML form. The form, which carries a similar look and feel to BankWest, with a cheeky change to the logo to read ‘bankBest,’ then proceeds to ask for extensive customer details in order to update your “online” or “mobile phone” details.

An example of the form(s) are below, asking for banking credentials such as users Personal Access Number (PAN), Secure Code and Telephone Banking PIN.   

Screenshot from 2019-05-28 08-59-19

The form continues to request Personal Identity information such as First and Last Name, as well as users Verbal Password, Date of Birth, Driver’s License Number and Driver’s License Expiry.  

Screenshot from 2019-05-28 08-59-32

As if that’s not enough, it continues to request Debit Card number, Debit Card Expiry and CVV, along with Challenge Questions & Answers. 

Screenshot from 2019-05-28 08-59-46

Finally asking for Contact Information (Mobile Phone Number, Home Address, Email Address and Email Password.

Screenshot from 2019-05-28 09-00-22

Once confirmed, the user will have handed over a substantial amount of sensitive data to the cybercriminals who will be able to access online and mobile banking, as well as use the same information for identity fraud and to attempt to access other accounts and services. 

The email claims to come from 'Bankwest Online' with that display name, however it actually comes from a compromised address.

At the time of reporting no other providers are detecting the attachment or the URL for the compromised site being used to harvest user details.

BankWest provide this advice to their customers, about things to look out for:

  • We’ll never send you a direct link to the BOB login page
  • New screens like the ‘Verification’ screen 
  • Requests to enter more information such as your name, date of birth or phone number
  • Phishing websites that are designed to look like our website, but have a different URL.

And the bank encourages customers affected by scams to contact them on 13 17 19

One click is all it takes

Cybercriminals use email scams to steal sensitive personal information and banking credentials. All criminals need to break into your business is a cleverly worded message. If they can trick one person in your company into clicking on a malicious link they can gain access to your data.

For a few dollars per staff member per month, you can protect your business with MailGuard's predictive email security.

Talk to an expert at MailGuard today about making your company's network secure: click here.

Stay up-to-date with new posts on the MailGuard Blog by subscribing to our email updates. 

Keep Informed with Weekly Updates