A new email scam mimicking a Big Four bank falsely tells recipients their account has been disabled.
The phishing email tells recipients to click a link to reactivate their account.
But those who do are taken to a realistic copy of the NAB internet banking website, designed to harvest victims’ account ID and password.
The plain-text email contains the subject line ‘Notification’ and is sent from discharge.authority@nab.com.au.
It contains a directive to ‘Click here’ to activate the account, but the link points to a realistic duplication of the real NAB website.
The emails are forged from the address discharge.authority@nab.com.au.
MailGuard blocked the distribution of thousands of copies of the email this afternoon.
What’s the goal of a phishing website?
A phishing scam is a fraudulent attempt to steal your information or identity for financial gain.
In this case, the perpetrators want victim’s banking details.
Creating a fake website allows them to collect peoples’ account number and passwords without arousing suspicion.
That valuable information is collected and used to make future unauthorised transactions.
Tell-tale signs of phishing scams
Advice from NAB on scams
NAB says it’s aware of a similar phishing email targeting customers.
“If you receive this type of email, please forward it to spoof@nab.com.au and then delete it,” the NAB website advises.
For a few dollars per staff member per month, add MailGuard's cloud-based email and web filtering solution to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network.