Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Issue 110 - January 2011 - Page 8

Pages in this month's issue:
  1. Facebook Account Update Phishing Scam Email
  2. Facebook Change Profile Picture to Cartoon Character Paedophile Warning Hoax
  3. Inaccurate Warning about Fake $50 Australian Banknotes
  4. Driving With Snow on Car Roof Fixed Penalties Hoax
  5. Elephant Encounter Story - Not the Same Elephant
  6. Facebook Warning Post - Apps Sending 'Not Very Nice' Messages Using Your Name
  7. Google Romance Malware Email
  8. St.George Bank Phishing Scam Emails
  9. New Fall Hat - Image of President Obama Wearing an Acorn Hat and Smoking
  10. BT Service Cancellation Notice Phishing Scam
  11. Liverpool and Manchester Shopping Centre Bomb Threat Hoax
  12. Adobe Acrobat Upgrade Phishing Scam Emails
  13. The Amazing Typewriter Art of Paul Smith
  14. Indian Government Award Advance Fee Scam
  15. Slow Dance Charity Hoax
  16. Chinese Hair Bands Made From Used Condoms
  17. Baby With Facial Deformity Money for Forwarding Hoax
  18. F-15 Crash Sequence Images
  19. Tampa Bay Beach Sea Monster

Issue 110 Start Menu

Previous Article            Next Article

St.George Bank Phishing Scam Emails

Outline
Emails, purporting to be from Australia's St. George Bank, claim that the recipient needs to click a link to logon to his or account in order to update information, retrieve messages, or rectify specified problems with the account.



Brief Analysis
The messages are not from St.George Bank. They are phishing scams designed to steal financial information.

Bookmark and Share
Detailed analysis and references below example.



Last updated: 5th December 2010
First published: 17th June 2009
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example(Received, December 2010)
Dear Customer,

We detected irregular activities on your St.George Internet Banking account on December 02, 2010 . Your Internet banking account has been temporarily suspended for your protection, you must verify this activity before you can continue using your Internet banking account with St.George Bank Limited.

To restore your account and verify your account activity, Kindly click on the secure link below :
[Link Removed]

Security advice : Always logoff completely your Internet banking account after using internet banking from a public places or computer for security reasons.

Thank you,
Customers Support Service.
St.George Internet Banking services.
St.George and Westpac Bank Limited.


Example(Received, June 2009)
Example 1: Subject: St.George Online Banking Alert

Dear member:

We have recently updated our Online system to include new layer secure authentication. This is intended to provide you with the best security possible when accessing your account.
You will need to update your account in order to continue using your card.

St.George Home - Update [Link Removed]

Your ticket code is ST7880040.
We apologize for any inconvenience this may cause and appreciate your patience and understanding.

Member ID 92996

Example 2:

Subject: St. George online banking

We'd like to inform you that your secure mailbox has 1 new message(s).

Please visit Net in order to read this message(s) from our secure location.

Net: Log On [Link Removed]

View all messages [Link Removed]

Example 3:

Subject: St.George Bank message

To view this St.George Bank message log in at [Link Removed]. Please do not "reply" to this message. Click here [Link Removed] for more information. Contact St.George Bank Contact us at any time, 24 hours a day, 7 days a week Sign-on to St.George Bank online [Link removed] Example 4:

Subject: Information Regarding Your Internet Banking Account

Restore your Internet Banking Access As a result of too many incorrect attempts to access Internet Bank- ing, your access to this service has been locked. We apologize for any inconvenience this may cause.

Please Logon to Internet Banking to restore your account access as soon as possible.

Internet Banking: Restore Account

Example 4:

Subject: Banking Alert

Dear St.George customer,

During our regulary scheduled maintenance procedures, we have detected a slight error regarding your St.George Account. This might be due to one of the following reasons:

1. A recent change in your personal information (i.e. address changing).
2. Submitting invalid information during the initial sign up process.
3. Multiple failed logins in your personal account.
4. An inabillity to accurately verify your selected option of payment due to an internal error within our system.

*If your information is not updated within 48 hours then your ability to access your account will be restricted.

St.George - Update [Link Removed]

Thank you,
Ticket code is ST9402628,
Customer ID 68389,
St.George Bank , Billing Department




Detailed Analysis
Internet criminals are once again targeting Australian financial institution, St.George Bank.

During 2009, a a large number of phishing scam emails purporting to be from St.George Bank were distributed. Such scam attempts against St.George have continued, with submissions in late 2010 indicating another apparent spike in scammer activity. The emails make various claims designed to trick potential victims into following links included in the messages. Some claim that an important message is waiting for the customer online. Others claim that online banking has been "locked" or suspended due to too many failed login attempts or because of suspected fraudulent activity. Still others claim that due to errors detected in the system or changes in procedure, the customer's online banking details must be updated. All versions include links to bogus websites that have been constructed to closely resemble the genuine St.George Bank website.

Customers who are tricked into following these links and logging in to the fake sites, may then be asked to provide other confidential information such as credit card details and personal and employment details. The criminals responsible for these scam emails are able to harvest all the information provided on the fake website including the customer's online banking username and password. They can then use the harvested information to logon to their victim's real St.George account, steal money, make unauthorised credit transactions and conduct other fraudulent activities.

The scam messages may include seemingly genuine St.George logos and copyright notices to further the illusion of legitimacy. Many of the 2009 scam emails were virtually identical to earlier messages that targeted the Commonwealth Bank. In some, the scammers simply substituted "St.George Bank" in place of "Commonwealth Bank" and switched logos and copyright notices to reflect their new target. In fact, several St.George Bank scam examples I have received still include references to the Commonwealth Bank as well, apparently due to laxity on the part of the criminal processing the scam messages.

Internet users should be very cautious of any unsolicited email that requests them to click a link and login to an online account and provide confidential information. Like other legitimate financial institutions, St.George Bank will never send emails that ask customers to click a link and provide personal information. The bank has published information warning customers about these phishing scam emails on its website.

Learn More About Phishing Scams
Bookmark and Share References:
Commonwealth Bank Phishing Scam Emails
St.George Bank - Hoax emails



Previous Article            Next Article

Issue 110 Start Menu

Pages in this month's issue:
  1. Facebook Account Update Phishing Scam Email
  2. Facebook Change Profile Picture to Cartoon Character Paedophile Warning Hoax
  3. Inaccurate Warning about Fake $50 Australian Banknotes
  4. Driving With Snow on Car Roof Fixed Penalties Hoax
  5. Elephant Encounter Story - Not the Same Elephant
  6. Facebook Warning Post - Apps Sending 'Not Very Nice' Messages Using Your Name
  7. Google Romance Malware Email
  8. St.George Bank Phishing Scam Emails
  9. New Fall Hat - Image of President Obama Wearing an Acorn Hat and Smoking
  10. BT Service Cancellation Notice Phishing Scam
  11. Liverpool and Manchester Shopping Centre Bomb Threat Hoax
  12. Adobe Acrobat Upgrade Phishing Scam Emails
  13. The Amazing Typewriter Art of Paul Smith
  14. Indian Government Award Advance Fee Scam
  15. Slow Dance Charity Hoax
  16. Chinese Hair Bands Made From Used Condoms
  17. Baby With Facial Deformity Money for Forwarding Hoax
  18. F-15 Crash Sequence Images
  19. Tampa Bay Beach Sea Monster