Cybercriminals have once again exploited ANZ Banking Group’s trademarks in a phishing email scam.
The email’s subject line includes an invoice number, and the display name is “Visa Secure|ANZ”. The sender’s email address does begin with the words “anz-invoice” but uses a domain not belonging to the bank. The email actually originates from a single email address created ad hoc for this scam.
Here is a screenshot of the email:
Clicking the link opens an email draft with the “to:” field pre-filled with an email address. While this email address begins with “contact.anz”, it uses an email domain that doesn’t belong to ANZ. The “from:” field is empty, and the subject line of the draft is the same as that of the original email received by the user. A line in the body of the draft tells the recipient to insert their phone number in order to get a call “as soon as possible to confirm some information”.
Here is a screenshot of this draft email:
The sole purpose of this phishing scam is to harvest the phone numbers of ANZ customers. If you have received this email, please report it to ANZ's Internet Banking team on 13 33 50 (International +61 3 9683 8833).
A key feature of this email scam is that it aims to trick users without including any malicious links in the email. Instead, by including a pre-populated draft of an email asking for users’ personal data, it attempts to evade detection by email security filters that may not identify it as a scam email.
Here are some additional techniques it employs to trick users:
Despite these techniques, eagle-eyed recipients of this email would be able to spot several red flags that point to the email’s inauthenticity. These include the fact that the email doesn’t address the recipient directly, and that the email domains used both in the original email received and in the draft email don’t belong to ANZ.
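The pattern described above (no web link, only a mailto: link that opens a pre-filled draft addressed to a non-ANZ domain) can be checked for directly in a message body. The following Python is an added example, not MailGuard's or ANZ's code; the domain allowlist, the keyword list and the sample message (with example.org standing in for the scammer's domain) are assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit, unquote

# Assumptions: the brand's real sending domains and the phrases to look for.
BRAND_DOMAINS = {"anz.com", "anz.com.au"}
BRAND_TOKEN = "anz"
PHONE_ASK = ("phone number", "mobile number")
# Constructed sample; example.org stands in for the non-ANZ domain.
SAMPLE_HTML = (
    '<p>Invoice 00000</p><a href="mailto:contact.anz@example.org'
    '?subject=Invoice%2000000&amp;body=Insert%20your%20phone%20number">Open</a>'
)


class HrefCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        self.hrefs += [v for k, v in attrs if tag == "a" and k == "href" and v]


def parse_mailto(href):
    """Return (recipient, fields) for a mailto: URI, or None for other links."""
    parts = urlsplit(href.strip())
    if parts.scheme.lower() != "mailto":
        return None
    pairs = (p.partition("=") for p in parts.query.split("&") if p)
    # unquote(), not unquote_plus(): '+' is a literal character in mailto URIs.
    return unquote(parts.path).lower(), {k.lower(): unquote(v) for k, _, v in pairs}


def is_brand_domain(address):
    domain = address.rpartition("@")[2]
    return any(domain == d or domain.endswith("." + d) for d in BRAND_DOMAINS)


def score_message(display_name, html_body):
    """List the reasons a message matches the draft-reply harvesting pattern."""
    collector = HrefCollector()
    collector.feed(html_body)
    reasons = []
    for recipient, fields in filter(None, map(parse_mailto, collector.hrefs)):
        claims_brand = BRAND_TOKEN in (display_name + " " + recipient).lower()
        if claims_brand and not is_brand_domain(recipient):
            reasons.append("mailto recipient outside brand domains: " + recipient)
        if any(p in fields.get("body", "").lower() for p in PHONE_ASK):
            reasons.append("pre-filled draft asks for a phone number")
    return reasons
```

The brand match is a plain substring test, so it is a triage heuristic and will also fire on unrelated addresses that happen to contain "anz".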
How ANZ fights phishing attempts
ANZ is vigilant about customer security. The bank advises that it does not send emails asking for personal information or security credentials.
Recipients can access more information on The ANZ Security Centre found here: https://www.anz.com.au/security/protect-your-virtual-valuables/scams/
ANZ also offers these tips on preventing online fraud attempts:
To minimise your chances of becoming a victim of a phishing scam, ANZ advises:
Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update or follow us on social media.
Don't get scammed
If your company’s email accounts aren’t protected, emails like the one above are almost certainly being received by your staff. Cybercriminals know people can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.
People are not machines; we're all capable of making bad judgement calls. Without email filtering protecting your business, it’s just a matter of time before someone in your organisation has a momentary lapse of judgement and clicks on the wrong thing.
One email is all that it takes
All that it takes to break into your business is a cleverly-worded email message. If scammers can trick one person in your company into clicking on a malicious link they can gain access to your data.
For a few dollars per staff member per month, you can protect your business with MailGuard's predictive and advanced email security.
Talk to a solution consultant at MailGuard today about securing your company's network.