Jaclyn McRae 21 December 2016 13:17:07 AEDT 2 MIN READ

Malicious Commonwealth Bank fraud email targets hundreds of thousands of Australians

 Hundreds of thousands of Australians have been targeted by a fake Commonwealth Bank email designed to infect recipients with malware.

Customers and non-customers are vulnerable to the scam, which asks people to click to view a ‘Secure Message’.

Malicious Commonwealth Bank fraud email targets hundreds of thousands of Australians1.jpg

Those who take the bait will in fact download a trojan – used by cybercriminals to hack computers.

MailGuard detected and blocked the malicious email to its global customers this morning, however new iterations of the scam continue to be delivered en masse this afternoon

The email looks legitimate and includes CBA corporate colours. However the attachment includes an old version of the Microsoft Office logo.

Malicious Commonwealth Bank fraud email targets hundreds of thousands of Australians2.jpg

The emails came from a recently-registered domain, with the email address secure.message@commbanksecureemail.com. They were sent from cloud-hosted servers in Hong Kong, but the attack could have originated anywhere.

The attached document contains a malicious macro that when executed, downloads a virus from a remote location. By instructing recipients to click ‘enable editing’, and then ‘enable content’, it uses the victim to activate the virus.

What is a macro and why is it dangerous?

By enabling a macro, email recipients are allowing criminals to automatically install malicious files, such as Trojans or keyloggers.

Trojans sit quietly in the background, taking actions not authorised by the user, such as modifying, stealing, copying or even deleting data.

A keylogger is spyware that can watch and record your keystrokes. It can see what you write in an email, what passwords you enter on a banking website, or any other information you provide online.

This malware is dangerous because it runs in the background, recording your actions, without your knowledge. It might not be discovered until months later, when you realise somebody has been accessing your bank account.

Advice from the Commonwealth Bank on scam emails

The CBA website says the bank never sends out emails asking customers to confirm, update or disclose any confidential banking information.

“If you receive an email you believe may be a hoax please forward it as an attachment to hoax@cba.com.au,” the bank states.

For a few dollars per staff member per month, add MailGuard's cloud-based email and web filtering solution to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network.

Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update or follow us on social media.

Media contact: Jaclyn McRae: jaclynm@mailguard.com.au

Keep Informed with Weekly Updates


^ Back to Top