This new phishing attack MailGuard has detected is meant to look like a notification from St George Bank.
The message is a relatively convincing forgery with well-formatted text and a sender address with the domain “@st-george.com”
The criminals behind this attack appear to have hijacked st-george.com - the URL of an educational website - for the purposes of this scam.
If a victim clicks on the link in the message they are directed to the phishing page shown in the screenshot below:
The phishing page is set up on a hacked website belonging to a medical information site.
The hackers have grafted the prefix “stgeorge.com.au” onto the actual “.com” URL to make it look as much as possible like an authentic bank login page.
The objective of this scam is harvesting the bank login credentials of victims. Once they have entered their account details and password the criminals will use them to fraudulently access their account.
What is "phishing?"
Phishing is the practice of tricking email recipients into revealing personal information that criminals can exploit for gain.
Phishing emails go to a wide group of random people; it’s like a fisherman casting a wide net to see what he can catch. The attackers know that not everyone will respond, but they know that if they send enough emails out somebody will probably take the bait.
A phishing attack message will typically include a link that will send the unwary victim to a fake login website. Once there, the user will be asked to enter username and password data which will be automatically captured by the phishing page.
In a typical phishing attack, criminals create email templates that look like messages from big companies and send them out wholesale to millions of recipients. When the scam message shows up in a victim’s inbox they feel safe opening it because it looks like a legitimate message from a familiar company.
Scammers use phishing pages to collect login credentials for email accounts, bank accounts, and a wide range of other online services.
Stay up-to-date with new posts on the MailGuard Blog by subscribing to our email updates.
