Jaclyn McRae 07 June 2017 15:25:49 AEST 2 MIN READ

Heads-up: Your Westpac account hasn’t really been locked

 A low-tech phishing attempt is currently targeting Westpac customers.

The email scam, with the subject line ‘Your account is locked’ has been distributed to a relatively small number of recipients. It says the person’s account has been temporarily locked “as a result of technical issues detected”.

Recipients are told to click a link to unlock their internet banking access.

The link takes victims to a replica of the Westpac banking website, hosted on the unrelated domain of a Tanzanian guesthouse, which was likely compromised in an earlier cyber hack.

Your Account Is Locked - Mozilla Thunderbird_001.png

Here, they’re told to enter their customer ID and password. This is a ploy by the cybercriminals behind this campaign to steal and record log-in information, allowing them to access victims’ accounts and transfer money into their own hands.

Westpac Online Banking registration - personal banking - Westpac Online Banking - Mozilla Firefox_002.png

While the fraud email contains many indications it is a scam, the fact it’s sent from the forged address ccapplications@westpac.com.au may trip up some recipients.

Signs this is a scam

  • The plain-text email has no branding or customised information. It starts with a generic ‘This is to inform you’ message
  • Words are inconsistently capitalised (see Locked/locked and RESOLVE IT HERE).
  • Real banks never direct their customers to click a link to sign in to resolve an issue
  • By hovering over the link you can see where it really takes you – in this case an accommodation provider based in Tanzania
  • On the fake Westpac site’s URL you’ll see a padlock with a red line through it, which indicates the website is not secure.
  • The real Westpac site, https://www.westpac.com.au/, has a green padlock, indicating it is safe to use.

How to spot a phishing scam

  • A heightened sense of urgency in the email
  • Bad grammar, poor spelling, misuse of punctuation
  • An attempt to ‘verify’ your information such as user name or password
  • Illegitimate links (hover over them and you can tell straight away)
  • Generic throughout, with no use of personalisation
  • Obscure sending addresses
  • Distorted logos or poor-quality graphics in the email body.

For a few dollars per staff member per month, add MailGuard's cloud-based email and web filtering solution to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network.

Keep Informed with Weekly Updates

 

^ Back to Top