Richard Price 16 December 2015 09:45:24 AEDT 5 MIN READ

Yet Another Commonwealth Bank ‘New Statement’ Email Phishing Scam

Commonwealth Bank internet banking customers have again been targeted by cyber criminals in another email phishing scam, which MailGuard has successfully identified and blocked.

Like a recent Commonwealth Bank scam (this is the third of its kind in a month), it attempts to fool customers into thinking they’ve received a new account statement, and into surrendering their online banking account information.

Readers should be aware that this highly sophisticated scam could leave you vulnerable to identity theft.

Here is a screenshot of the email you’ll need to look out for:

[Screenshot: commbank-phishing-email-scam.jpg]

As you can see, the email appears to be sent by Commonwealth Bank, alerting readers to a ‘New statement and important message available to view’.

Because the email quotes the last four digits of a dummy card number, some users may think it is legitimate, as they often don’t know these account details, or overlook them.

One reason to question the email’s legitimacy is that it doesn’t address the reader by name, which you’d normally expect a personalised banking communication to do. The email also doesn’t include any of the familiar yellow and black CommBank branding or logos, making it even more suspicious.

The recipient is encouraged to view their online statement by clicking on the ‘Read statement now’ hyperlink, which takes them to the below landing page, an almost identical, professionally-designed copy of a CommBank internet banking homepage.

[Screenshot: commbank-phishing-landing-page.jpg]

Another clear sign that this scam is suspicious is the website URL. Your internet browser should highlight the section of the URL which represents the true host domain – in this case geology.gov.bz, which would clearly not form part of an official CommBank URL and which we believe to be a compromised website.

Once you’ve entered your account details and clicked the yellow “Log on” button, you’ll then be taken to another fake CommBank landing page, shown below, directing you to “confirm your NetBank account details”, for verification purposes.

[Screenshot: commbank-second-page-phishing-scam-1.jpg]

Here you’ll be asked to submit more personal information, including your date of birth and credit card details.

Once you’ve clicked “View Statement Now”, you’ll be directed to the below message, which again features no Commonwealth Bank branding.

[Screenshot: commbank-system-error-phishing-scam.jpg]

After a slight time delay, the above message redirects you to the official CommBank homepage, which makes the scam even more convincing.

Meanwhile, having submitted your personal details in the previous screens, cyber criminals now have access to the following:

  • Your Commonwealth Bank internet banking account, in order to transfer money and appropriate funds
  • Your credit card number, expiry date and security number, which can be used to purchase items
  • Additional verification details (first and last name, date of birth), used to gain access to related services.

How to protect yourself

In order to protect yourself from similar schemes, we recommend that you don’t open emails that:

  • Appear to be sent from a reputable firm, like a banking provider or insurance company, but are not addressed to you by name or include grammatical mistakes (although not present in this case)
  • Ask you to confirm personal information that a legitimate sender would already have access to
  • Include a call to action that urges you to act quickly – in this example it’s an “Important message available to view”, but other examples include a notification that you’ve received a new package, or that your account’s been suspended
  • Ask you to click on a link within an email in order to verify your identity details. We recommend that you go to your provider’s website directly by typing their address into the address bar or using Google search

You should also hover your mouse over any links and review their URL destination before clicking on them. If it takes you somewhere that looks suspicious, don’t click it.
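The host-domain check described above (the browser highlighting geology.gov.bz rather than a CommBank domain) and the advice to review a link’s destination before clicking both come down to one question: which host will the browser actually connect to? The following is an added illustration, not code from MailGuard or Commonwealth Bank; it assumes commbank.com.au and cba.com.au are the bank’s genuine domains, and it shows why a simple “does the link contain commbank” test is not enough.

```python
from urllib.parse import urlsplit

# Assumption for this example: the bank's genuine domains. Check the bank's own
# published list before relying on any such allow-list in practice.
TRUSTED_BANK_DOMAINS = {"commbank.com.au", "cba.com.au"}


def true_host(url):
    """Return the lowercase host a browser would really connect to.

    urlsplit() discards anything before '@' (userinfo) and after ':' (port),
    which are two ways a foreign host can be dressed up to look like a bank's.
    """
    if "://" not in url:            # hovered links are sometimes shown without a scheme
        url = "http://" + url
    return (urlsplit(url).hostname or "").rstrip(".").lower()


def belongs_to(host, domain):
    """True only if host is domain itself or a subdomain of it (match on a label boundary)."""
    return host == domain or host.endswith("." + domain)


def classify_link(url):
    """Return ('trusted' | 'suspicious', host) for the link a user is about to click."""
    host = true_host(url)
    verdict = "trusted" if any(belongs_to(host, d) for d in TRUSTED_BANK_DOMAINS) else "suspicious"
    return verdict, host


if __name__ == "__main__":
    # Constructed sample links; the geology.gov.bz host is the one named in the article
    # (its path is omitted), the rest are made up to show common look-alike tricks.
    for link in [
        "https://www.commbank.com.au/personal/",
        "http://geology.gov.bz/",
        "http://www.commbank.com.au.example.net/netbank",   # bank name as a prefix
        "http://www.commbank.com.au@example.net/",          # bank name as userinfo
        "www.commbank.com.au:443",                          # genuine host, no scheme
    ]:
        print("%-10s %s" % classify_link(link))
```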

How similar scams can hurt businesses

Phishing scams like this are typically designed to steal personal banking information.

However, businesses can also be affected by similar scams which fool their staff into downloading malware from executable files attached to emails from seemingly reputable companies.

This malware can typically be used to track keystrokes on your computer in order to steal commercially sensitive data from your network.

Cyber criminals also use advanced crypto malware to lock and encrypt your data, before demanding a hefty ransom payment to restore your files.

It’s therefore also important that you back up your data every day, and share our blog posts with staff to make them more aware.

Adding a cloud-based email filtering solution will also prevent malicious campaigns like this from reaching your email in the first place.

Reporting phishing scams to Commonwealth Bank

If you’ve been targeted by this scam, or another similar Commonwealth Bank phishing campaign, we recommend that you report it to them immediately by calling 132 221 or emailing hoax@cba.com.au. You can also read their website for more advice on protecting yourself.

Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update or follow us on social media.
