Scam: fake St George phishing site steals bank passwords

Posted by Emmanuel Marshall on 31 May 2018 15:19:54 AEST

 

Scam alert: MailGuard has detected a new email scam using St George Bank trademarks to try and deceive victims into submitting their bank login details to a phishing site.
This cunningly designed scam closely resembles a genuine St George communication.

The email message (shown above) has a realistic looking logo included and the text informs the recipient that “we detected irregular activities on your credit card,” and that “your account has been temporarily suspended for your protection, we must verify your identity.”

The email contains a link “to restore your account,” which has been set up to look like a real St George link. The URL contains the text “stgeorge.com.au,” like the genuine bank website but this text is not the actual domain. The real domain is hidden an points to a phishing page.

180531-stgeorge-2

Once the unsuspecting scam victim has entered their login credentials on the phishing page (shown above) they are forwarded to further pages that harvest their identifying details like email address and phone number.    

180531-stgeorge-3

Anyone who progresses to the third page of this phishing site will finally be asked to upload selfie photos of their driver’s license and passport.

The extensive data demanded by these phishing pages would enable the scammers behind this attack to execute sophisticated identity theft fraud.

180531-stgeorge-4MailGuard has prevented this email from reaching our customer’s inboxes, but if you are not yet a MailGuard customer, please exercise caution and keep an eye out for this scam.

Some identifying details to help you spot this malicious message:

  • display name: “OnlineSt.George”
  • display address: “service-renter@stgeorge.com”
  • sending address: “root@secure-socket-layer.net”

 

Help us warn people about this scam by sharing our Tweet:

 

Defend your inbox


Phishing attacks can be enormously costly and destructive an
d new scams are appearing every day. Don’t wait until it happens to your business; take action to protect your company, now.

Effective cybersecurity requires a multi-layered strategy. For a few dollars per staff member per month, add MailGuard's predictive email security. You’ll significantly reduce the risk of malicious email entering your network. 
Talk to an expert at MailGuard today about your company's cybersecurity needs: 1300 30 44 30

Stay up-to-date with new posts on the MailGuard Blog by subscribing to free updates. Click on the button below:

Keep Informed with Weekly Updates

 



Topics: Phishing St George Bank scam alert email scams Threat Update bank scam

Back to Blog

Comments:


Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.

Remember:

  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Recent Posts

Posts by Topic

see all