Westpac Customers Targeted in Online Banking Phishing Scam

Posted by MailGuard on 16 December 2021 15:32:53 AEDT

Millions of Westpac online banking customers are being targeted in a phishing scam that aims to steal crucial details, including login and credit card information. With the holidays in sight, and many Australians’ relying on their online banking for purchases, paying bills, and checking their bank accounts, scammers have used emotive messaging to trick even the savviest user into thinking this may be a legitimate communication from Westpac.  

Scammers have copied the Westpac logo and other brand assets in creating the email which has been sent from ‘Westpac Online Banking’ via a compromised email address. The body of the email advises the client that there has been an attempt to sign-in to their account from an unrecognised device. Customers are then asked to complete an account verification in order to restore access to their online banking account.  

Here’s what the email looks like:  

Your Westpac online banking is temporarily locked - Mozilla Thunderbird_763

Upon closer inspection of the email, although there are no obvious grammatical errors to pick up, aside from the unusual inclusion of ‘Australia First Bank’, the formatting of the email is quite simplistic and not representative of a professional alert that would normally be sent from Westpac. The email is also addressed generically to ‘Dear client’ whereas a customer would reasonably expect communications from the bank to be personalised.  

When a user clicks on the red ‘Update account’ button, they are taken to the following login page below. Again, use of the catchy red colouring that Westpac is known for is used to feign authenticity, as well as legitimate links provided at the bottom of the page, added to confuse victims.  

Sign in to Westpac Online Bank — Mozilla Firefox_762


After entering a Customer ID and Password, victims are taken to the next page which requests verification of the account by providing Full Name, Date of Birth, Zip Code and Phone Number credentials. Sensitive information, that can be used for wide criminal use, such as identity theft, by scammers.  

Sign in to Westpac Online Bank — Mozilla Firefox_764

Once ‘Verified’ customers are taken to an OTP (one-time-password) page whereby they are required to enter a security code that has been sent to them.  

Sign in to Westpac Online Bank — Mozilla Firefox_765

The next step in the scam is particularly detrimental, resulting in severe financial loss if in the hands of cybercriminals. In order to continue with the false verification process, customers are asked to enter their credit card details, before being asked for OTP verification for a second time.  

Sign in to Westpac Online Bank — Mozilla Firefox_766


Sign in to Westpac Online Bank — Mozilla Firefox_767


The last page, depicted below, thanks the customer and advises them that their ‘account will be confirmed in 48 hours’ accompanied with a puzzling message about all transactions being refunded to the victim in 48 hours.  

Sign in to Westpac Online Bank — Mozilla Firefox_768

The sole purpose of this elaborate phishing scam is to harvest the login credentials of Westpac customers so the criminals behind the scam can break into their bank accounts, and possibly sell the victims information on the dark web. Therefore, it is crucial that customers remain vigilant. By typing in your customer ID and password, personal ID, and credit card information, you’re handing sensitive account information to cybercriminals 

Furthermore, the cybercriminals behind this scam have incorporated several techniques within the email itself to boost its credibility. These include: 

  • Westpac’s support links and helpline in the footer of the phishing pages – this is a common feature expected of a well-established bank like Westpac, and  
  • An alarming subject line, informing recipients that ‘Your Westpac Online Banking Account is Temporarily Locked’, creating a sense of urgency and anxiety. This motivates users to act immediately without checking out the authenticity of the email.  

Combined, these techniques can easily motivate time-poor and trusting users to proceed to verify their account.  

As a precaution, we urge you not to click links within emails that: 

  • Are not addressed to you by name. 
  • Appear to be from a legitimate company but use poor English or omits personal details that a legitimate sender would include. 
  • Are from businesses that you were not expecting to hear from. 
  • Take you to a landing page or website that is not the legitimate URL of the company the email is purporting to be sent from. The URL for Westpac’s internet banking login page is: https://online.westpac.com.au 

Westpac offers a comprehensive online resource to help identify and report scams purporting to be from them. You can verify the authenticity of any contact you aren’t sure about, or report a scam, by calling 132 032 or emailing them at hoax@westpac.com.au. 

One email is all that it takes     

All that it takes to devastate your business is a cleverly worded email message that can steal sensitive user credentials or disrupt your business operations. If scammers can trick one person in your company into clicking on a malicious link or attachment, they can gain access to your data or inflict damage on your business.     

For a few dollars per staff member per month, you can protect your business with MailGuard's predictive and advanced email security. Talk to a solution consultant at MailGuard today about securing your company's inboxes.  

Stay up-to-date with MailGuard's latest blog posts by subscribing to free updates. Subscribe to weekly updates by clicking on the button below.  

Keep Informed with Weekly Updates


Topics: Phishing Email Security email filtering email scam online banking Westpac Bank Cybersecurity scam alert fastbreak

Back to Blog


    Something Powerful

    Tell The Reader More

    The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.


    • Bullets are great
    • For spelling out benefits and
    • Turning visitors into leads.

    Recent Posts

    Posts by Topic

    see all