
‘Elaborate’, ‘multi-staged’: Key thing that makes this bank email scam so malicious

The scam email looks so much like the real deal. (Source: Getty, MailGuard)

Cyber criminals are getting better and better at tricking unsuspecting people into handing over their personal and banking details, Aussies have been warned.

Email security company MailGuard has revealed a new “multi-staged phishing email scam” that pretends to be from the Commonwealth Bank of Australia (CBA), the country’s biggest bank – and it looks like the real thing.

“The hallmark of this scam lies in not only how well-crafted it is, but how it ironically utilises multiple safety features to steal confidential data of users,” MailGuard said on its website.

How do I spot this scam?

The scam email has been seen with two different display names, ‘Commonwealthbank AU’ and ‘ASB Bank New Zealand’, but both versions are sent from the same sending address – a sign that neither name is genuine.

The body of the email addresses the recipient as “Dear Customer”, and tells them their account has been “temporarily suspended” due to “our new service update”.

The user is then told to click a link to verify and update their account “in other [sic] to have unrestricted access”.
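The tell-tale sign above – a display name that claims to be a bank while the actual sending address belongs to somewhere else, and one address reused under several bank names – can be checked mechanically. The following is an added example, not MailGuard’s or CBA’s code: it parses the From: header of each message, records which brand the display name claims, and tests whether the sending domain backs that claim. The sender domains listed for the banks and the three sample messages are constructed for the example and are assumptions, not data from the scam.

```python
from collections import defaultdict
from email import message_from_string
from email.utils import parseaddr

# Sending domains assumed to belong to each bank. These are assumptions for the
# example; in practice verify them against the bank's own published details.
BANK_DOMAINS = {
    "commbank": ("commbank.com.au",),
    "asb": ("asb.co.nz",),
}

# Words in a display name that imply the sender is speaking for that bank.
BRAND_KEYWORDS = {
    "commbank": ("commonwealth", "commbank"),
    "asb": ("asb bank",),
}


def sender_domain(addr):
    """Domain part of an address, lower-cased; empty if there is no '@'."""
    return addr.rsplit("@", 1)[1].lower() if "@" in addr else ""


def domain_belongs_to(domain, brand):
    """True if the domain is one of the brand's domains or a subdomain of one."""
    return any(domain == d or domain.endswith("." + d) for d in BANK_DOMAINS[brand])


def check_from_header(raw_message):
    """Parse the From: header and report whether the display name's brand claim
    is backed by the sending domain.

    'backed' is True when every claimed brand owns the sending domain, False when
    a brand is claimed but the domain is someone else's, and None when the
    display name claims no bank at all.
    """
    msg = message_from_string(raw_message)
    display, addr = parseaddr(msg.get("From", ""))
    domain = sender_domain(addr)
    claimed = [brand for brand, words in BRAND_KEYWORDS.items()
               if any(w in display.lower() for w in words)]
    backed = all(domain_belongs_to(domain, b) for b in claimed) if claimed else None
    return {"display": display, "address": addr.lower(), "domain": domain,
            "claimed_brands": claimed, "backed": backed}


def find_shared_senders(raw_messages):
    """Group messages by sending address and return the addresses that were used
    with more than one bank name (the pattern in the scam: two banks, one sender)."""
    brands_by_addr = defaultdict(set)
    for raw in raw_messages:
        result = check_from_header(raw)
        brands_by_addr[result["address"]].update(result["claimed_brands"])
    return {addr: sorted(brands) for addr, brands in brands_by_addr.items()
            if len(brands) > 1}


# Constructed sample messages (not the real scam emails). The '.example' TLD is
# reserved and never resolves.
SCAM_CBA = """From: Commonwealthbank AU <update@mailer.example>
Subject: Your account has been temporarily suspended

Dear Customer, your account has been temporarily suspended due to our new service update.
"""

SCAM_ASB = """From: ASB Bank New Zealand <update@mailer.example>
Subject: Your account has been temporarily suspended

Dear Customer, your account has been temporarily suspended due to our new service update.
"""

GENUINE = """From: CommBank <noreply@commbank.com.au>
Subject: Your statement is ready

Your latest statement is available in NetBank.
"""

if __name__ == "__main__":
    for raw in (SCAM_CBA, SCAM_ASB, GENUINE):
        print(check_from_header(raw))
    print(find_shared_senders([SCAM_CBA, SCAM_ASB, GENUINE]))
```

Two caveats a practitioner would add. First, this only catches the lazy case where the visible address is not the bank’s; a sender can also forge the address itself, so a mail gateway should pair this check with SPF, DKIM and DMARC results on the same message. Second, for a recipient the reliable test is not the header at all: if an email says an account is suspended, open the bank’s site or app directly rather than following the link, and treat any page that asks for a NetCode outside a transaction you started as hostile.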

(Source: MailGuard)

Clicking on the link takes the user to a fake CBA page, which asks them to log in to their account.

(Source: MailGuard)

If you thought the scam ended there, you’d be wrong: users are then taken to a page called ‘NetCode Confirmation’, which tells them that their NetCode is needed to “ensure security”.

(Source: MailGuard)

Key that in, and users are taken to an ‘Email Confirmation’ page where they are asked to enter their email address.

(Source: MailGuard)

It’s not over: users are then taken to a page to verify their identity one last time using a NetCode sent to their mobile number.

“The sole purpose of this elaborate phishing scam is to harvest the login credentials of Commonwealth Bank customers so the criminals behind this scam can break into their bank accounts,” MailGuard said.

It’s evident from the screenshots the lengths that the scammers have gone to to replicate CBA’s landing pages as closely as possible, including using CBA branding and its logo.

“All this is done in an attempt to trick the users into thinking the scam is legitimate.”

Above all, it’s the scam’s focus on ‘security’ and ID verification that makes the email scam so underhanded.

“This only adds on to the sense of legitimacy evoked by the email, as updates on account safety are a common notification expected of such a well-established bank,” said MailGuard.

“All this serves to elicit a more confident response from recipients who think they are, in fact, making their accounts more secure by clicking on the provided link and entering their confidential login details.”

The inaugural Yahoo Finance All Markets Summit will be held on the 26th of September 2019 in the Shangri-La, Sydney. Check out the full line-up of speakers and agenda for this groundbreaking event here and buy tickets here.