| 17.09,19. 01:31 PM |
NAB customers hit with sophisticated email banking phishing scam
How to protect yourself (Supplied)
How to spot a scam (Supplied)
NAB customers have once again been targeting in an email phishing scam capable of emptying their accounts.
The scam uses the display name "National Australia Bank" and informs recipients their account has been "restricted" due to "irregular activity".
Victims are told to click on a provided link to "restore" their account - doing so will redirect them to a NAB-branded phishing page.
An example of the email. "Hi Info" is a huge red flag this is a scam.
An example of the email. "Hi Info" is a huge red flag this is a scam. (Supplied)
The fraudulent login page looks almost indistinguishable from the official online banking website of the bank and has been designed to harvest the login details.
After login details are entered, customers are led to a secondary fraudulent NAB online banking page which asks them verify their account by entering a "SMS security code".
Customers who click "resend code" button are redirected to a page telling victims "the connection has timed out".
"As you can see from all the screenshots above, cybercriminals have taken great pains to replicate official landing pages from NAB – including incorporating the bank's branding and logo using high-quality graphical elements in the email," explained email security company MailGuard.
NAB Chief Enterprise Security Officer David Fairman said the bank was working to ensure all of our customers and small businesses alike are protected from cybercrime and fraud.
"NAB invests heavily in the latest cyber security and fraud detection capabilities to protect our customers, and we monitor customers' accounts 24 hours a day, 7 days a week for suspicious activity," he said.
"NAB has a mature security awareness program. For our individual customers and small-to-medium businesses, we have a great NAB Security Hub found at nab.com.au/security full of pragmatic and relevant articles, videos, and training modules to equip these groups with the information and tools they need to be aware of to protect themselves.
"We regularly publish security alerts on the Hub when we see new threats and identify trends, to provide timely advice to our customers.
"Despite the increasingly sophisticated nature of cybercrime and fraud attempts, there's plenty of effective actions that the general consumer and small to medium businesses can take to protect themselves, but it starts with raising awareness of the threats."