Commonwealth Bank customers are currently the target of yet another online phishing scam purporting to be from the big four bank.
This attack comes only a week after MailGuard successfully identified and blocked another CommBank email phishing scam. This threat forms part of a new zero day spam campaign leaving internet banking customers vulnerable to identity theft.
Here is a screenshot of one variation we have observed:
As you can see, the purported sender is Commonwealth. The sender attempts to alert the recipient of a ‘new statement and important message available to view’.
This particular variation states the last four digits of an online bank account to further convince the user that this is legitimate brand communication. Many account holders do not know the last four digits of their account number offhand, and as a result may not be alarmed when the digits shown are wrong.
We have previously observed this technique used by scammers impersonating Commonwealth Bank brand communication. Cyber criminals use syntax spinners to dynamically generate email content and distribute thousands of unique variations, bypassing content filters that look for a fixed message.
The recipient is encouraged to view their statement online via the yellow and black ‘view statement now’ button or the ‘now available’ hyperlinked text.
Upon clicking either link, the user arrives on the login page shown above. Whilst the cyber criminals have made a more realistic attempt at replicating a legitimate login URL than in previous online banking scams we have reported on, a vigilant user will identify this as a scam simply by noting the fraudulent domain in the website address field.
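The domain check described above can be automated for mail or web filtering. The following is an added example and not part of the original post or any MailGuard product: it takes the domain shown in the address field, reduces it to its registered domain, and flags links that mention the bank's brand but resolve elsewhere, including the userinfo trick (`brand@evil-host`) and bare IP literals. The legitimate domain `commbank.com.au` is assumed from public knowledge, not taken from the post, and every phishing URL below is a constructed placeholder.

```python
import ipaddress
from urllib.parse import urlsplit

# Assumed legitimate registered domain for NetBank (public knowledge, not from the post).
LEGITIMATE_DOMAINS = {"commbank.com.au"}

# Brand tokens whose presence in a link to a *different* registered domain is suspicious.
BRAND_TOKENS = ("commbank", "netbank")

# Second-level zones under which Australian names register at the third label
# (e.g. 'commbank.com.au'); a real deployment would use the Public Suffix List.
SECOND_LEVEL_ZONES = {"com", "net", "org", "gov", "edu", "asn", "id"}


def registered_domain(host: str) -> str:
    """Reduce a hostname to its registrable domain.

    'www.my.commbank.com.au' -> 'commbank.com.au'
    'login.example.net'      -> 'example.net'
    """
    labels = host.lower().rstrip(".").split(".")
    if (
        len(labels) >= 3
        and labels[-2] in SECOND_LEVEL_ZONES
        and len(labels[-1]) == 2  # country-code TLD such as 'au'
    ):
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def is_ip_literal(host: str) -> bool:
    """True when the address bar shows a raw IP instead of a hostname."""
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def classify_link(url: str) -> str:
    """Classify a link as 'legitimate', 'lookalike', 'ip-literal', 'unknown' or 'invalid'.

    The only thing that makes a link legitimate is the registered domain of the
    host that the browser will actually connect to; brand words in subdomains,
    userinfo or paths carry no weight.
    """
    parts = urlsplit(url)
    host = parts.hostname or ""
    if parts.scheme not in ("http", "https") or not host:
        return "invalid"
    if is_ip_literal(host):
        # No bank serves its login page from a bare IP address.
        return "ip-literal"
    if registered_domain(host) in LEGITIMATE_DOMAINS:
        return "legitimate"
    # netloc still contains any userinfo, so 'www.commbank.com.au@evil' is caught here.
    haystack = (parts.netloc + parts.path).lower()
    if any(token in haystack for token in BRAND_TOKENS):
        return "lookalike"
    return "unknown"


def triage(urls):
    """Return {url: verdict} for a batch of links extracted from an email."""
    return {url: classify_link(url) for url in urls}


if __name__ == "__main__":
    # Constructed sample links; the .example.* hosts are placeholders, not real scam domains.
    samples = [
        "https://www.my.commbank.com.au/netbank/",
        "https://www.commbank.com.au.netbank-secure.example.net/logon",
        "https://www.commbank.com.au@secure-logon.example.com/",
        "https://netbank-commbank.example.org/confirm",
        "http://198.51.100.7/netbank/",
        "https://example.com/",
    ]
    for link, verdict in triage(samples).items():
        print(f"{verdict:11s} {link}")
```

The deliberate weakness of this approach is the hand-rolled `registered_domain`: a production filter should resolve the registrable domain against the Public Suffix List so that names under zones like `co.uk` or `com.au` are not mis-grouped, and the allowlist should cover every domain the brand legitimately mails from, otherwise genuine notifications are flagged as `unknown`.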
This destination page is a replica of the official CommBank internet banking login page.
Submitting your login credentials into the provided form directs you to a landing page asking to “confirm your NetBank account details”.
The victim is prompted to enter verification information including their Date of Birth and Credit Card details. The target is promised access to their online statement, but instead forfeits their private information after submission.
Let’s take a look at what this scammer now has access to:
As a precaution, we urge you to delete any emails matching this description and to review our how to prevent phishing checklist.
How to report a scam:
Commonwealth Bank offers a detailed online resource to help identify and report scams purporting to be from them. You can verify the authenticity of any contact you aren’t sure about, or report phishing, by calling 132 221 or emailing them at hoax@cba.com.au.
Educating staff and employing cloud-based email and web filtering is your first and best line of defence. Complement this multilayered defence with on-premises antivirus, anti-malware and anti-spyware solutions. This will go a long way to mitigating the risk from a wide range of email scams.
Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update or follow us on social media.