Advertisement
Australia markets closed
  • ALL ORDS

    8,153.70
    +80.10 (+0.99%)
     
  • ASX 200

    7,896.90
    +77.30 (+0.99%)
     
  • AUD/USD

    0.6514
    -0.0004 (-0.06%)
     
  • OIL

    83.11
    -0.06 (-0.07%)
     
  • GOLD

    2,254.80
    +16.40 (+0.73%)
     
  • Bitcoin AUD

    108,501.02
    +1,727.60 (+1.62%)
     
  • CMC Crypto 200

    885.54
    0.00 (0.00%)
     
  • AUD/EUR

    0.6037
    +0.0003 (+0.05%)
     
  • AUD/NZD

    1.0901
    -0.0001 (-0.01%)
     
  • NZX 50

    12,105.29
    +94.63 (+0.79%)
     
  • NASDAQ

    18,254.69
    -26.15 (-0.14%)
     
  • FTSE

    7,952.62
    +20.64 (+0.26%)
     
  • Dow Jones

    39,807.37
    +47.29 (+0.12%)
     
  • DAX

    18,492.49
    +15.40 (+0.08%)
     
  • Hang Seng

    16,541.42
    +148.58 (+0.91%)
     
  • NIKKEI 225

    40,326.27
    +158.20 (+0.39%)
     

‘Don’t be fooled’: 1 million Aussies warned of online threat

(Source: Getty, MailGuard)
(Source: Getty, MailGuard)

Suncorp Bank customers have been warned about a new email scam designed to steal their personal banking details.

Email security software platform Mailguard has warned Australians about a new phishing scam that has landed in Aussie inboxes which informs recipients they have “1 New Message In [Their] Internet Banking Account”.

The fraudulent email appears to be from “Suncorp Bank” – but isn’t.

“It actually originates from a compromised service at a web hosting company,” Mailguard said in a blog post.

To fool recipients, the scam uses Suncorp branding and logos and asks recipients to log on and view the message.

(Source: Mailguard)
(Source: Mailguard)

Those who click the link are taken to a fake login page that looks to be from Suncorp, and asks for users’ customer ID, password, and token code.

ADVERTISEMENT

But users should note that the URL is not Suncorp’s website.

(Source: Mailguard)
(Source: Mailguard)

Once these details are punched in, the data is harvested for later use, and the user simply sees a message that their “account has been successfully updated”.

That’s it – the user is then redirected to Suncorp’s real website.

“We advise all recipients to delete these emails immediately without clicking on any links, said Mailguard.

“Please share this alert with your social media network to help us spread the word around this email scam.”

Cyber criminals have been known to spoof this type of auto-generated message from well-known institutions to steal users’ banking details, Mailguard continued.

Everything, from the logo, branding and the subject line is designed to create “intrigue” and “urgency” that leads users to click.

“Suncorp is a popular and well trusted bank with an immensely large customer database, so their branding makes a good lure for cybercriminals looking to deceive people,” Mailguard said.

According to Suncorp’s website, it has 1 million personal, small to medium enterprise and agribusiness customers.

But you should still be able to spot the scam – for instance, the email doesn’t address you by name (“Dear Suncorp customer”).

Other scam give-aways are poor English or grammar; the lack of personal details that a real sender would normally include; the email is sent from someone or a company you’re not expecting to hear from; or the website URL is not legitimate.

According to Suncorp, it will never ask you via text or email to verify your details or reset your password.

“We’ll also never call you and ask for payment when helping you secure your banking or ask you to ‘Log in to Internet Banking’ through an email.”

Want to hear Australian influencers reveal their best finance tips? Join the Broke Millennials Club on Facebook, and receive one hot tip per day in December.

And if you want 2021 to be your best (financial) year yet, follow Yahoo Finance on Facebook, LinkedIn, Instagram and Twitter. Subscribe to the free Fully Briefed daily newsletter here.