Akankasha Dewan, 26 November 2020 19:02:18 AEDT

Watch out for this phishing email claiming you have “1 New Message” in your Suncorp Internet Banking Account

Suncorp customers, don’t be fooled by this email claiming you have a new alert in your Internet banking account. This is part of a phishing scam designed to steal your personal details.

The fraudulent email uses a display name of “Suncorp Bank” and is titled “Dear Suncorp Customer You Have 1 New Message & Alert”. It actually originates from a compromised service at a web hosting company.

The email body employs the bank’s logo and branding, informing recipients that they have received a new message. A link is provided for them to “Log On” and view the message.

Here's what the email looks like:

[Screenshot: the phishing email]

Unsuspecting users who click on the link are led to a fake login page employing Suncorp’s branding and logo (complete with support links). It asks for the user’s banking account number, password, and security token code. However, the domain in the page’s URL does not belong to Suncorp – a red flag pointing to the page’s illegitimacy. It is actually hosted on a compromised website.

Here’s what the page looks like:

[Screenshot: the fake Suncorp login page]

Once these credentials are entered and submitted, the attacker harvests them for later use, and the user is met with a message saying “your account has been successfully updated”. The user is then redirected to Suncorp’s actual website.

We advise all recipients to delete these emails immediately without clicking on any links. Please share this alert with your social media network to help us spread the word around this email scam.

Auto-generated messages claiming to deliver new messages have long been used by cybercriminals to scam users. The usage of a subject line notifying users that they have received a new message, as in this scam, is likely an attempt to intrigue users, and motivate them into clicking on the phishing link. Cybercriminals hope that in their curiosity and urgency to respond to and act upon such notifications, users don’t pause to check for their legitimacy.

As you can see from all the screenshots above, cybercriminals have taken great pains to impersonate Suncorp – including incorporating the bank’s branding and logo using high-quality graphical elements in the phishing page. All this is done in an attempt to trick the users into thinking the scam is legitimate.

Suncorp is a popular and well-trusted bank with an immensely large customer database, so its branding makes a good lure for cybercriminals looking to deceive people.

Despite these techniques, eagle-eyed recipients should be able to spot several red flags that point to the email’s illegitimacy, including the fact that the user isn’t addressed directly in the email. In addition, the scam uses a JavaScript alert when redirecting from the phishing page to the actual Suncorp website, which indicates that something may be amiss (these alerts are a very old style of conveying information, and are used pretty rarely in modern web development).

Suncorp lists the following advice on its support page:

“The most important thing to remember is that we’ll never send you text messages or emails to verify details or reset your account password. We’ll also never call you and ask for payment when helping you secure your banking or ask you to ‘Log in to Internet Banking’ through an email.”

If you're unsure whether an email you have received is from Suncorp, simply contact the bank directly. 

As a precaution, MailGuard urges you not to click links within emails that:

  • Are not addressed to you by name.
  • Appear to be from a legitimate company but use poor English, or omit personal details that a legitimate sender would include.
  • Are from businesses that you were not expecting to hear from.
  • Take you to a landing page or website that is not the legitimate URL of the company the email is purporting to be sent from. 
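
Two of the red flags described above (a “Suncorp Bank” display name on a message sent from another domain, and a “Log On” link that leads to a non-Suncorp host) can be checked automatically. The following Python sketch is an added example, not MailGuard's detection code; the trusted-domain list is an assumption, and the sample message with its sender and link hosts is constructed.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

BRAND = "suncorp"
TRUSTED_DOMAINS = {"suncorp.com.au"}  # assumption: the brand's own domains

# Constructed sample; sender and link hosts are placeholders, not real IoCs.
SAMPLE = """\
From: "Suncorp Bank" <noreply@webhost.example>
Subject: Dear Suncorp Customer You Have 1 New Message & Alert
Content-Type: text/html; charset="utf-8"

<html><body><p>You have 1 new message.</p>
<a href="http://compromised-site.example/login">Log On</a>
</body></html>
"""

def in_trusted(host):
    """True if host is a trusted domain or a subdomain of one."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in TRUSTED_DOMAINS)

class LinkCollector(HTMLParser):
    """Collects the host of every http(s) link in <a href=...> tags."""
    def __init__(self):
        super().__init__()
        self.hosts = []
    def handle_starttag(self, tag, attrs):
        parts = urlsplit(dict(attrs).get("href") or "")
        if tag == "a" and parts.scheme in ("http", "https"):
            self.hosts.append(parts.hostname)

def red_flags(raw):
    """Return the red flags found in a raw single-part HTML email."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    flags = []
    # Flag 1: display name uses the brand, sending domain is not the brand's.
    if BRAND in name.lower() and not in_trusted(addr.rpartition("@")[2]):
        flags.append("display-name-mismatch")
    # Flag 2: the body links to a host outside the brand's domains.
    parser = LinkCollector()
    parser.feed(msg.get_payload(decode=True).decode("utf-8", "replace"))
    if any(not in_trusted(h) for h in parser.hosts):
        flags.append("off-domain-link")
    return flags
```

The display-name check is a heuristic only: a message that forges the bank's real domain in the From header has to be caught by SPF, DKIM and DMARC evaluation instead.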

 

One email is all that it takes

All that it takes to break into your business is a cleverly-worded email message. If scammers can trick one person in your company into clicking on a malicious link they can gain access to your data.

For a few dollars per staff member per month, you can protect your business with MailGuard's predictive and advanced email security.

Talk to a solution consultant at MailGuard today about securing your company's network.
