A new email scam is circulating, presented as a seemingly legitimate communication targeting ANZ bank customers. The scam impersonating the ANZ Bank, scares recipients into opening and clicking through on the email by threatening that the recipients banking service has been suspended.
Most concerning, the criminals behind the scam have registered their own domain personal-anz.com which closely resembles that of the legitimate ANZ home page for personal banking users www.anz.com/personal.
MailGuard email filtering blocked this scam and the URL contained within the email was identified as malicious through our web filtering services.
The email is not personally addressed to the recipient, which can be an indicator of a mass email scam.
In order to trick email recipients into clicking the link, the scam invites recipients to validate their account information. Recipients are taken to a fake ANZ landing page which appears almost identical to the legitimate banking login page for ANZ banking customers.
The cyber criminals behind this scam have gone above and beyond by registering their own domain personal-anz.com. For online banking users, this URL closely resembles that of the ANZ home page for personal banking users www.anz.com/personal/.
This can fool many email recipients into thinking the email is legitimate because the URL appears to be that of the legitimate bank. Filling in the Customer Registration Number and Password fields immediately gives login details to the cyber criminals. They can now access your account online and make fraudulent transactions.
The pages loads exactly like ANZ bank with the same circling loading icon.
The second landing page asks for more personal information which not only allows cyber criminals to make changes to your ANZ bank accounts, but to also access other accounts which require this information for verification purposes.
Finally, if recipients continue through the supposed verification process, they are asked to hand over their credit card details including card number, expiry date and security code.
Users may feel secure when the last page loads to finally redirect them to the ANZ homepage. The message states their account is being restored.
How can I protect myself from these types of email scams?
To reduce the risk of being tricked by one of these scams, you should immediately delete any emails that:
- Seem suspicious and ask you to download files or click any links within an email to access your account.
- Are purporting to be from businesses you may know and trust, yet use language that is not consistent with the way they usually write (including multiple grammatical errors)
- Ask you to click on a link within the email body in order to access their website. If unsure call the company/person directly and ask whether the email is legitimate
ANZ ask customers to report any unusual transactions or phishing scams. This helps ANZ to alert other customers and to be vigilant for any possible illegitimate transactions.
Share these tips with your staff to make them aware of these or other similar campaigns. By employing a cloud-based email and web filtering solution like MailGuard, you’ll also reduce the risk of these new variants of phishing from entering your network in the first place.Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update or follow us on social media.