Phishing attack delivered by email spoofing NAB

Posted by Akankasha Dewan on 30 November 2018 11:11:09 AEDT

A new scam email purporting to come from National Australia Bank (NAB) is currently infiltrating inboxes.

The fraudulent email appears without a display name and is sent via a forged email address. MailGuard found this address is actually used by NAB to send legitimate emails about customers internet banking. The messages are being sent from a mail server located in Germany.

The body of the email is short and contains plain text. It informs recipients that for their own security, their online banking account has been locked and they need to log in. It directs them to click on a link to log in to their account.

Here is a screenshot of the email:

 NAB email scam social image


What appears as a link to the NAB websites online banking, is actually a disguised URL that leads to a poorly-designed copy of the NAB login page on a compromised website.

NAB scam page

This webpage includes 3 fields for the users to input their NAB ID, Internet Banking Password and Telephone Banking Passcode. Once the user submits the form via clicking the ‘Login’ button, they are redirected to the actual NAB website. All the information in the form is captured by the cybercriminals and used to access the user’s confidential data and funds.

Banks commonly hold a well-established and trusting relationship with customers, so when cybercriminals are looking for good trademarks to use in their email attacks they often brandjack banks.

However, while this email scam incorporates the logo, branding and name of the bank within its email and its illegitimate webpage, it raises several red flags that directly point to the email being a scam. For instance, the email is poorly worded and contains grammatical mistakes such as ‘please Log on click’. In addition, the NAB logo in the webpage appears stretched, pixelated, and blocks part of some text in a header within its background.

To reduce the risk of being tricked by one of these scams, you should immediately delete any emails that:

  • Appear to be from a well-known organisation, typically a bank or service provider and are not addressed to you by name and may include poor grammar.
  • Ask you to click on a link within the email body in order to access their website – your bank will always ask you to go to their website directly by typing their URL into your web browser address field, as a precautionary security measure.
  • Ask you to submit personal information that the sender should already have access to.

NAB offers a secure online and telephone banking service – if you are concerned about the legitimacy of any online communication you receive, please call them to confirm.

Secure your inbox

Effective cybersecurity requires a multi-layered strategy. For a few dollars per staff member per month, add MailGuard's predictive email security. You’ll significantly reduce the risk of malicious emails, like the one above, entering your network. 

For a few dollars per staff member per month, add MailGuard's cloud-based email and web filtering solution to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network. Talk to an expert at MailGuard today about your company's cybersecurity needs:

Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update, or follow us on Twitter @MailGuard.

Keep Informed with Weekly Updates


^ Back to Top

Topics: Phishing email scam NAB Cybersecurity cybercrime

Back to Blog


Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.


  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Recent Posts

Posts by Topic

see all