Update: Westpac brand again under attack

Posted by Jaclyn McRae on 13 June 2017 13:15:23 AEST

A huge new wave of Westpac emails is again threatening Australians’ online security – just as the bank grapples with a major online banking outage.

Just days after a similar phishing email outbreak, the bank is again being imitated – this time on a much larger scale.

Cybersecurity company MailGuard blocked thousands of iterations of the email in the course of the past 48 hours. The email aims to steal account log-in information by posing as the bank and telling recipients their account has been temporarily blocked.

The scam uses a realistic clone of the real Westpac online banking page to harvest account access details.

New Westpac card temporarily blocked landing page MAILGUARD2.jpg

It comes as the bank apologised for a major outage, which also began on Sunday, that is still preventing some customers from accessing their Westpac Live accounts today.

“We have had an issue with online banking whereby some customers were unable to view their account details in Westpac Live. While we have resolved the issue for many customers, we are aware that a limited number of people are still having issues logging in,” the bank said in a statement today, according to cio.com.au

The latest phishing attempt, which MailGuard customers are protected from, comes a week after similar attack which told recipients their Westpac account had been locked.

The latest fraud attempt tells recipients their bank card and online account have been temporarily blocked. They can regain access by clicking a link, it advises.

New Westpac card temporarily blocked email MAILGUARD2.jpg

The link takes victims to a replica of the real Westpac online banking website – designed to steal people’s account log-in details. It’s hosted on the compromised site of a Napa Valley wine tour operator.

The email contains an image rather than text, possibly to avoid detection by software set up to block suspicious phrases. The sending address varies, but in each case includes the domain @emailwestpac.com.au. The emails have been sent from a range of compromised servers.

For a few dollars per staff member per month, add MailGuard's cloud-based email and web filtering solution to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network. Talk to an expert at MailGuard today about your company's cybersecurity needs: expert@mailguard.com.au

Keep Informed with Weekly Updates


^ Back to Top

Topics: Phishing Westpac Email Scam Cybersecurity cybercrime cybercrime statistics Australian cybercrime westpac account blocked

Back to Blog


Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.


  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Recent Posts

Posts by Topic

see all