| 07.03,19. 01:54 PM |
ANZ email scam will steal your internet banking login credentials
ANZ banking customers are being warned over a new email scam exploiting the company’s branding to harvest login credentials.
The sophisticated phishing scam - an attempt to obtain sensitive information in an electronic communication - is sent using Amazon web services from the domain ‘@anzsupport.cf’.
The body of the ANZ-branded email explains the bank will be introducing “challenge questions” to help customers verify their identity for an extra level of security.
The sole purpose of this elaborate phishing scam is to harvest the login credentials of ANZ customer. MailGuard (Supplied)
A link is provided for customers to confirm their own challenge questions and answers for the service.
Clicking the link takes victims to an authentic looking ANZ login page which requests them to enter their Customer Registration Number and password – entering details here will hand over the sensitive information to cybercriminals.
The fake ANZ landing page (Supplied)
If customers do login with their credentials, they are redirected a page where they are asked to select three challenge questions to which they provide answers.
To make the scam even more convincing, customers are redirected back to the official ANZ page after answering the questions.
“Cybercriminals have taken great pains to replicate official landing pages from ANZ – including incorporating the bank’s branding and logo using high-quality graphical elements,” explained email security firm MailGuard.
“If you tell the scammers your security question, it allows them to attempt other fraudulent actions, such as calling them back and trying to access your accounts.”
Criminals hope you will use questions and answers linked to other accounts. (Supplied)
ANZ has advised it does not send emails asking for personal information or security credentials and told customers who receive suspicious emails or texts to do the following:
- Do not click on any unexpected/unusual links or open attachments.
- Forward the suspicious email or SMS to [email protected]
- Delete the message from your inbox.
Recipients can access more information on The ANZ Security Centre here.
MORE SCAMS TO WATCH FOR:
Telstra phone scam: Man hit with more than $10,000 in charges after scammers opened 10 mobile accounts in his name without his permission or knowledge.
Fake Indian call centre scam: Telstra customers are being warned over an Indian call centre scam attempting to trick victims into handing over sensitive information that could be used for identity theft.
NBN robocall scam: Sophisticated NBN robocall phone scam has been targeting areas of the country where installations are currently underway.
Energy Australia scam: Email scam uses the large database and established brand credibility of EnergyAustralia to lure victims into downloading a malicious file
Optus email scam: An email purporting to be from Optus tells the recipient told a document is available for them to download. Once click, their computer is infected.
Valentine's Day scam: Romance scammers actively engage with victims, slowly building an online relationship before asking for money
Telstra email scam: Email-based cyber-attack uses Telstra branding to trick customers into clicking a link that can infect their computer with a malicious file used to steal information.
Netflix email scam: Email tells users their account has been suspended in an attempt to trick them into clicking a link which leads to a Netflix-branded phishing page used to steal personal information.
Apple Store email scam: The phishing scam involves an email purporting to be from Apple Store, which informs customers they have a PDF receipt from a recent purchase.
ATO phone scam: Phone calls claiming to be from the ATO attempt to fool people into handing over money by claiming they are about to be arrested over unpaid taxes.
'SIM swapping' scam: Hackers can gain access to your bank account, email and social media with just a simple phone call to a mobile operator.
Post-storm roof scam: The men knock on the door of Australians after wild weather and say the roof must be replaced as it's about to cave in. One lady handed over $156,000 for work that did not need to be done.
Police phone scam: Scammers are posing as police officers to try and dupe people into handing over financial information.
Ransom email scam: Scammers are sending ransom emails containing terrifying threats designed to frighten people into handing over their money.
Telstra email bill scam: A legitimate-looking email bill that directs users to a malicious website that will deliver malware to their computer.
Facebook scam: Users receive messages from the accounts of friends and family, telling them they can win money by clicking on a link that will infect their computer. The message is from a scammer who has hacked your friend’s account or created a “copy” profile by stealing their images and information
Wealthy suburb scam: An elaborate scam saw a man hand over a $40,000 car without receiving a cent.