Macquarie online banking customers are the latest target of a zero-day email scam which was widely distributed to email inboxes around Australia.
The URL contained within the email takes recipients to a landing page which is identical to the legitimate Macquarie login page. Can you spot the difference?
Here is a sample of the legitimate Macquarie login page at https://secure.macquarie.com.au
This is the phishing site created by cyber criminals which appears almost identical (notice the URL):
Recipients who click and enter their username and password immediately hand over online banking credentials to the cyber criminals.
The next page the user is directed to, is again a phishing page designed to steal enough information to access the users Macquarie online banking account, and to provide enough information for the cybercriminals to commit identity theft for other accounts belonging to the victim.
Macquarie warn customers not to fall for email or online scams, and also advise never to click links from within an email. If you receive suspicious emails purporting to be from Macquarie, please report them to firstname.lastname@example.org.
For a few dollars per staff member per month, add MailGuard's cloud-based email and web filtering solution to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network.
Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update or follow us on social media.