Issue 132 - June 2012 (1st Edition) - Page 2
ANZ Bonus Reward Points Phishing Scam
Email purporting to be from Australian bank ANZ claims that the recipient will be awarded 20,000 Bonus Reward Points just for filling out a three question survey.
The email is not from ANZ. The recipient will not receive bonus reward points for participating in the supposed survey. The message is a phishing scam designed to trick users into submitting their credit card details to Internet criminals.
Detailed analysis and references below example.
Last updated: 29th May 2012
First published: 29th May 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer
Subject: ANZ Rewards Platinum - 20,000 Bonus Reward Points !
1 minute for 3 Questions Survey . In return we will add 20,000 Bonus Reward Points!
Please submit the survey form and allow 48 hours in order to process it.
To access the survey form, please download and complete survey form attached to this email and open it in a web browser.
Australia and New Zealand Banking Group Limited
According to this email, which claims to be from large Australian Bank ANZ, the recipient can have 20,000 Bonus Reward Points added to his or her account just for participating in a brief survey. Supposedly, all the recipient need do to receive the bonus reward points is open an attached file, fill in a three question survey and submit credit card information. Ostensibly, the credit card details are required so that the reward points can be added to the user's account.
However, the message is certainly not from ANZ. The claim that the user can receive reward points in exchange for filling in an attached survey is untrue. The message is in fact an attempt by online scammers to steal credit card information from unwary recipients. Both the email and the attached survey form feature stolen ANZ logos and formatting in an attempt to make them seem more genuine.
If a recipient falls for the ruse and opens the attached file, he or she will be presented with the following survey and submission form. The form will load in the user's browser:
After the user participates in the "survey" he or she will then be expected to fill in the accompanying form which asks for credit card details including the card verification number and account password as well as other personal information.
But, when the victim hits the "submit" button on the bogus form, all the information provided will be sent to the criminals behind the scam. These criminals can then use the stolen information to make fraudulent credit card transactions. Or, in some cases, they may sell the stolen information to other criminals.
This type of survey phishing
is an increasingly common criminal ploy. Be wary of any unsolicited email that claims that you can receive money, vouchers, prizes or other types of reward just for participating in an insignificant survey. Of course, legitimate companies regularly offer small rewards or the chance to go into a prize draw as incentives for people to participate in their surveys. However, no legitimate company is ever likely to offer a substantial incentive such as 20,000 Reward Points or a substantial monetary fee
just for participating in an absurdly brief and meaningless survey.
Moreover, no legitimate entity is ever likely to expect participants to submit sensitive financial information via an unsecure HTML email attachment. It is always safest to login to your bank's website by entering the web address into your browser's address field. And never enter sensitive personal or financial information via an unsecure (http: rather than https:)
If you receive one of the fraudulent survey phishing scams, do not open any attachments or follow any links that it may contain.
Walmart '$75 Credit for Customers' Phishing Scam
McDonald's Survey Phishing Scam Email
Difference Between http & https
Pages in this issue:
- Spurious First Aid Advice Message - Eggs For Treatment of Burns
- ANZ Bonus Reward Points Phishing Scam
- London Olympics 2012 Lottery Scam
- Images Of Strange Mermaid Found On Beach
- Walmart '$75 Credit for Customers' Phishing Scam
- American Express 'Verify User ID' Malware Email
- Postcard Campaign for Charlie - Please DO NOT Send Any More Cards
- Norton 'Protection Notification' Email Account Phishing Scam
- Domain Name Application Scam
- Immigration Quote Wrongly Attributed to Sir Edmund Barton