A low-tech phishing attempt is currently targeting Westpac customers.
The email scam, with the subject line ‘Your account is locked’ has been distributed to a relatively small number of recipients. It says the person’s account has been temporarily locked “as a result of technical issues detected”.
Recipients are told to click a link to unlock their internet banking access.
The link takes victims to a replica of the Westpac banking website, hosted on the unrelated domain of a Tanzanian guesthouse, which was likely compromised in an earlier cyber hack.
Here, they’re told to enter their customer ID and password. This is a ploy by the cybercriminals behind this campaign to steal and record log-in information, allowing them to access victims’ accounts and transfer money into their own hands.
While the fraud email contains many indications it is a scam, the fact it’s sent from the forged address email@example.com may trip up some recipients.
Signs this is a scam
- The plain-text email has no branding or customised information. It starts with a generic ‘This is to inform you’ message
- Words are inconsistently capitalised (see Locked/locked and RESOLVE IT HERE).
- Real banks never direct their customers to click a link to sign in to resolve an issue
- By hovering over the link you can see where it really takes you – in this case an accommodation provider based in Tanzania
- On the fake Westpac site’s URL you’ll see a padlock with a red line through it, which indicates the website is not secure.
- The real Westpac site, https://www.westpac.com.au/, has a green padlock, indicating it is safe to use.
How to spot a phishing scam
- A heightened sense of urgency in the email
- Bad grammar, poor spelling, misuse of punctuation
- An attempt to ‘verify’ your information such as user name or password
- Illegitimate links (hover over them and you can tell straight away)
- Generic throughout, with no use of personalisation
- Obscure sending addresses
- Distorted logos or poor-quality graphics in the email body.
For a few dollars per staff member per month, add MailGuard's cloud-based email and web filtering solution to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network.