Akankasha Dewan 28 August 2019 15:13:02 AEST

Email phishing scam spoofing NAB claims users’ cards are ‘put on hold’

Using fear and panic to trick users via email scams is a popular tactic employed by cybercriminals. MailGuard intercepted a deceptive email employing similar techniques earlier this morning (AEST).

The plain-text email purports to come from National Australia Bank (NAB) and uses the display name ‘NAB Online’. MailGuard understands that it is sent via a single compromised address. It is titled ‘You Have One New Important Message’.

The body of the email informs recipients that it is an automated message from NAB. It claims that a hold has been placed on their card as ‘usage in a different location’ has been detected. To resolve this problem, recipients are advised to visit their nearest NAB branch or click on a provided link to ‘get verified within minutes’.

Here is a screenshot of the email:

NAB IM 1

Unsuspecting recipients who click the link to use the NAB ‘online platform’ are led to a compromised WordPress phishing site that’s designed to harvest confidential details:

NAB IM 2

Upon ‘logging in’, users are taken to a similar page demanding further details such as security information and debit card verification:

NAB IM 5

Once the user has filled in all the fields and submitted the form, they are directed to a thank-you page, as below.

final page

Whilst MailGuard is stopping this email scam from reaching Australian businesses, we encourage all users to be extra vigilant against this kind of email and, whatever happens, not to respond to it.

While this email scam incorporates the logo, branding and name of the bank in several places, it raises several red flags that point directly to the email being a scam. For example, the email itself is poorly worded and contains grammatical mistakes such as ‘its to notify you’.

To reduce the risk of being tricked by one of these scams, you should immediately delete any emails that:

  • Appear to be from a well-known organisation, typically a bank or service provider, but are not addressed to you by name and may include poor grammar.
  • Ask you to click on a link within the email body in order to access their website – your bank will always ask you to go to their website directly by typing their URL into your web browser address field, as a precautionary security measure.
  • Ask you to submit personal information that the sender should already have access to.
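
The red flags listed above can also be checked mechanically. The following Python is an added example, not MailGuard's own detection code: it flags a message whose display name claims a brand while the sending domain does not belong to it, along with the other indicators from the list. The brand-to-domain table, the phrase list, the function name and both sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: brands to protect and the domains they legitimately send from.
BRAND_DOMAINS = {"nab": ("nab.com.au",)}
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)
# Assumption: phrases that ask the recipient to hand over or confirm details.
VERIFY_RE = re.compile(r"\b(get verified|verify your|confirm your|update your)\b", re.I)

def red_flags(raw_email, recipient_name):
    """Return the red flags found in one plain-text (non-multipart) message."""
    msg = message_from_string(raw_email)
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    body = msg.get_payload()
    flags = []
    for brand, domains in BRAND_DOMAINS.items():
        claims_brand = re.search(rf"\b{re.escape(brand)}\b", display, re.I)
        from_brand = any(domain == d or domain.endswith("." + d) for d in domains)
        if claims_brand and not from_brand:
            flags.append("display-name-mismatch")
    if recipient_name.lower() not in body.lower():
        flags.append("not-addressed-by-name")
    if URL_RE.search(body):
        flags.append("link-in-body")
    if VERIFY_RE.search(body):
        flags.append("asks-for-verification")
    return flags

# Constructed sample modelled on the email described in this post
# (sender address and link are placeholders, not real indicators).
SAMPLE = (
    'From: "NAB Online" <billing@compromised.example>\n'
    "To: jane.citizen@victim.example\n"
    "Subject: You Have One New Important Message\n"
    "\n"
    "This is an automated message from NAB. A hold has been placed on your\n"
    "card because usage in a different location was detected. Visit your\n"
    "nearest branch or get verified within minutes:\n"
    "http://wordpress-site.example/nab/\n"
)
# Constructed benign message for comparison.
LEGIT = (
    'From: "NAB" <alerts@nab.com.au>\n'
    "To: jane.citizen@victim.example\n"
    "Subject: Your statement is ready\n"
    "\n"
    "Hi Jane Citizen, your statement is ready. Type our address into your browser to log in.\n"
)

if __name__ == "__main__":
    print(red_flags(SAMPLE, "Jane Citizen"))
    print(red_flags(LEGIT, "Jane Citizen"))
```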

NAB offers a secure online and telephone banking service – if you are concerned about the legitimacy of any online communication you receive, please call them to confirm.

Banks commonly hold a well-established and trusting relationship with customers, so when cybercriminals are looking for good trademarks to use in their email attacks they often brandjack banks.

Don't get scammed

If your company’s email accounts aren’t protected, emails like the one above are almost certainly being received by your staff. Cybercriminals know people can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.

People are not machines; we're all capable of making bad judgement calls. Without email filtering protecting your business, it’s just a matter of time before someone in your organisation has a momentary lapse of judgement and clicks on the wrong thing.

For a few dollars per staff member per month, you can protect your business with MailGuard's predictive email security.
Talk to an expert at MailGuard today about making your company's network secure.
