A huge new wave of Westpac emails is again threatening Australians’ online security – just as the bank grapples with a major online banking outage.
Just days after a similar phishing email outbreak, the bank is again being imitated – this time on a much larger scale.
Cybersecurity company MailGuard blocked thousands of iterations of the email in the course of the past 48 hours. The email aims to steal account log-in information by posing as the bank and telling recipients their account has been temporarily blocked.
The scam uses a realistic clone of the real Westpac online banking page to harvest account access details.
It comes as the bank apologised for a major outage, which also began on Sunday, that is still preventing some customers from accessing their Westpac Live accounts today.
“We have had an issue with online banking whereby some customers were unable to view their account details in Westpac Live. While we have resolved the issue for many customers, we are aware that a limited number of people are still having issues logging in,” the bank said in a statement today, according to cio.com.au
The latest phishing attempt, which MailGuard customers are protected from, comes a week after similar attack which told recipients their Westpac account had been locked.
The latest fraud attempt tells recipients their bank card and online account have been temporarily blocked. They can regain access by clicking a link, it advises.
The link takes victims to a replica of the real Westpac online banking website – designed to steal people’s account log-in details. It’s hosted on the compromised site of a Napa Valley wine tour operator.
The email contains an image rather than text, possibly to avoid detection by software set up to block suspicious phrases. The sending address varies, but in each case includes the domain @emailwestpac.com.au. The emails have been sent from a range of compromised servers.
For a few dollars per staff member per month, add MailGuard's cloud-based email and web filtering solution to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network. Talk to an expert at MailGuard today about your company's cybersecurity needs: firstname.lastname@example.org