Mailguard has intercepted new criminal-intent emails that are designed to send victims to a fake St George Bank login page.
As can be seen in the screenshot of the email the message is very brief and simply formatted.
The message shows the sender ID ‘St. George Bank,’ but the actual sender address domain is ‘uoguelph[dot]ca’ which clearly is not a St George domain.
The email states ‘please note that Your St.George Bank Account has been terminated’ and asks the recipient to click on a link to restore their account.
The message is not formatted in a way that resembles a real bank notification, which would probably alert a lot of recipients to be cautious. The scammers who created this message are relying on the urgency and shock value of the message to persuade people to click the link.
Anyone unwary enough to click on the link is taken to the screen above, which is a fake St George Bank login page. This page is on an unsecured domain ‘belaloloca[dot]com[dot]br’; genuine bank login pages are hosted on secure domains not generic websites like this one.
Unlike the email message, this login screen is quite a convincing fake, with realistic St George branding.
The fake login screen asks the scam victim to enter their bank login details: card number; security number; and internet password and then takes them to a second login page, pictured below:
This second screen titled ‘Internet Banking Verification’ asks for the victim’s date of birth, driver’s licence number and Medicare number.
These details are not requested by the authentic St George login procedure, but the criminals behind this scam want to harvest these personal details to make it easier for them to perpetrate identity theft against their victims.
This criminal-intent email is an example of brandjacking; a type of fraud that uses the well-known and trusted logos of big companies to win the trust of unsuspecting victims.
St George Bank has an advisory page where they offer advice on how to avoid fraud. St George offers this advice about email scams:
‘Some ways to spot a hoax email:
- Does it instruct you to click on a link to Internet Banking login page, open an attachment or call a number?
- Does it ask for sensitive financial information or for you to confirm the security of Internet Banking
- Does the email have poor grammar and punctuation? Check the sender’s email address; does it appear to come from a legitimate source?’
In the event that their customers receive fraudulent email, St George advises them to call the bank on 13 33 30 for advice.
Protect Your Inbox
9 out of 10 cyber-attacks are delivered via email, so it's essential to have the best filtering service available.
Always hover your mouse over links within emails and check the domain they’re pointing to. If they look suspicious or unfamiliar don’t open them.
If your company is experiencing problems with criminal-intent email you can speak to one of MailGuard's cloud security specialists right now on 1300 30 44 30