MailGuard has intercepted a phishing email scam purporting to be from Suncorp.
Detected earlier today morning (AEST), the malicious emails are infiltrating inboxes using the display name ‘Suncorp Online Banking’. They actually come from a single compromised email address.
The email body is in plain text and is relatively short. It informs the ‘Valued Customer’ that their ‘Online Services has expired’ due to an ‘SSL Database upgrade’ in Suncorp’s system. In order for it to remain active, users are directed to click on a link to ‘Upgrade to the new SSL’.
Here is a screenshot of the email:
Unsuspecting recipients who click on the link are taken to a fake Suncorp-branded login page that includes branding & images commonly found on the bank’s legitimate pages. This is a phishing page designed to harvest users’ confidential details.
‘Logging in’ then takes users to another page that asks for their 2-factor authentication details. Once these have been successfully verified, users are redirected back to the legitimate Suncorp website.
This sole purpose of this elaborate phishing scam is to harvest the login credentials of Suncorp customers so the criminals behind this scam can break into their bank accounts.
By typing in your account number and password, you’re handing this sensitive account information to cybercriminals.
If you also upload your legal ID documents, it allows them to attempt other fraudulent actions, such as committing identity theft.
If you have received this email, please contact Suncorp Bank.
As you can see from all the screenshots above, cybercriminals have taken great pains to replicate official landing pages from Suncorp – including incorporating the bank’s branding and logo using high-quality graphical elements. All this is done in an attempt to trick the users into thinking the scam is legitimate.
Despite this, several red flags are present in the email that point to its legitimacy. These include several grammatical errors like ‘Due to SSL Database upgrade on our system in order for it remain action’. The lack of a personalised greeting (i.e. doesn’t address the customer directly by name) is also another red flag.
Suncorp is a popular and well trusted bank with an immensely large customer database, so their branding makes a good lure for cybercriminals looking to deceive people.
If you see an email from Suncorp, please exercise caution and make sure it is a legitimate communication before you open it. Please share this alert with your social media network to help us make the people aware of the threat.
What to do if you receive such emails
As a precaution, avoid clicking links in emails that:
- Are not addressed to you by name, have poor English or omit personal details that a legitimate sender would include
- Are from businesses you’re not expecting to hear from.
- Ask you to download any files
Take you to a landing page or website that does not have the legitimate URL of the company the email is purporting to be sent from.
MailGuard urges email users to remember that cybercriminals prey on the brands that we trust and love, like Suncorp. It's wise to always be skeptical of messages from unfamiliar senders asking you to log into your accounts.
Defend your inbox
Even the most experienced and savvy email users can have a moment of haste, carelessness or fatigue when their guard is down. Just practising good common sense isn’t enough anymore, because for scammers it’s a numbers game; they know that if they keep sending their scams, sooner or later we will slip up and do something we shouldn’t.
Phishing scams can be enormously costly and destructive, and new scams are appearing every day. Don’t wait until it happens to you or someone in your business; take action to protect your inboxes, now.
Speak to the MailGuard team today to learn more how MailGuard's predictive and advanced email security can help protect your business for a few dollars per staff member per month.
Talk to a solution consultant at MailGuard today about securing your company's network.
Why not stay up-to-date with MailGuard's latest blog posts by subscribing to free updates? Subscribe to weekly updates by clicking on the button below.