Issue 166 - November, 2013 (2nd Edition) - Page 23
ANZ Phishing Scam - 'We Detected a Login Attempt With a Valid Password'
Notification email purporting to be from Australian bank, ANZ, claims that a login attempt with a valid password from an unrecognized device has been detected. Recipients are urged to click an account review link if they did not make such a login attempt.
The email is not from ANZ. It is a phishing scam designed to trick recipients into posting their account login credentials and credit card details to Internet criminals.
Subject: Account Incident ID:Z60496200 on November 06, 2013
On Wednesday, 6 November 2013 9:04 AM, ANZ Bank wrote:
This is an automated message to notify you that we detected a login attempt with a valid password to your account from an unrecognized device yesterday @
Location: UNITED STATES, COLORADO, COLORADO SPRINGS,IP=18.104.22.168 Latitude, Longitude: 28.57046, -51.5962 , Connection through: MCI Local Time: 2013 04:57 PM (UTC -06:00) IDD Code: 1 Weather Station: COLORADO SPRINGS (USCO0078) Usage Type: ISP
Was this you? If so, you can disregard the rest of this email. If this wasn't you kindly follow the account review link:
ANZ Bank Customer Care
2013 ANZ Financial Corporation. All Rights reserved
This email, which masquerades as a notification message from large Australian bank ANZ, warns the recipient that the bank has detected a "login attempt with a valid password" via an "unrecognized device". The message lists the time and location where the suspect login attempt supposedly took place.
The user is told to disregard the message if the login attempt was legitimate. However, warns the message, if the user did not try to login as described then he or she should click an account review link.
Clicking the link opens a fake login webpage designed to emulate the genuine ANZ website. Once victims have logged in via the fake site, they will next be presented with a fraudulent web form that asks them to provide account and credit card details:
Rather ironically, after submitting the information on the fake site, victims will be automatically redirected to an Internet security information page on the genuine ANZ website.
Meanwhile, all of the submitted information, including the login details will be sent to the criminals who can later use it to hijack real ANZ accounts and commit credit card fraud. This scam message uses the same tactic as another current phishing attack
that is targeting customers of the Westpac Bank.
As a security measure, some online services do send an automatic advisory message if a login from a new device or location is detected. The scammers responsible for this phishing campaign
are obviously aware of such measures and are no doubt confident that at least a few recipients will be fooled into believing that the notification message is genuine.
Real login advisory messages are very unlikely to tell customers that they must click a link to provide account information.
To help stay safe online, always login to your accounts by entering the account web address into your browser's address bar rather than by clicking a link in an unsolicited email.
Last updated: November 6, 2013
First published: November 6, 2013
By Brett M. Christensen
Pages in this issue:
- Philippines Typhoon Disaster Scams
- Wedding Invitation Malware Emails
- 'Suspicious Guy Claiming He is You' Spam Emails
- Hunting Family Posing With Dead Elephant Picture
- 'Missing Persons in Australia' Facebook Like-Farming Scam
- Baby Iko Facebook Sick Child Hoax
- 'Young Romanian Woman' Car Crash Scam Warning
- No, Scientists in Texas are NOT Going to Use Sex Offenders for Medical Research
- Facebook Hate Campaign Against Keely Currie
- Chinese Teleportation Road Rescue Video
- PlayStation 4 Like and Share Giveaway Facebook Scam
- Circulating Video of Girl Throwing Puppies Causing Outrage
- 'Bizarre Unknown' Fish Caught in Malaysia Not So Mysterious
- No, The Bitstrips App is NOT an NSA Trojan
- 'Removing An Old Setting' Facebook Notification Message
- Did a Man in China Sue His Wife For Being Ugly?
- '200 Pieces of iPhone' Facebook Giveaway Scam
- Gmail '4 Missed Emails' Pharmacy Spam
- 'Freedom Award Lottery Promotion Agency' Facebook Page Scam
- Spider in Oreo Cookie Photograph
- 'Giant Fukushima Mutant Dog' Picture
- Oprah Winfrey is NOT Dead - Links in Message Lead to Rogue App
- ANZ Phishing Scam - 'We Detected a Login Attempt With a Valid Password'
- 'Microsoft Facebook Yahoo Windows Live Award' Advance Fee Scam
- Chemical Burns From Gel In Diaper Warning Message
- Charles F. Feeney 'Grant Donation' Advance Fee Scam
- False and Damaging Rumour - 'RSPCA Paid to Keep Quiet About Halal Slaughtering'
- 'Apple ID Information Updated' Phishing Scam
- ASDA Attempted Kidnapping Hoax
- Bogus Message Proclaims ' Christmas is banned: IT Offends Muslims'
- False Rumour - Patron at Cosmo Romford Finds Dog Microchip Wedged in Tooth
- Hoax - Picture of 'World's Largest Tortoise'
- Fogg Hill Wolf Kill Warning Poster
- NO, Obama is NOT Opening Free Gas Stations in Poor Neighborhoods
- Marks & Spencer Poppy Sales Three Percent False Rumour
- Westpac 'Login Attempt From Unrecognized Device' Phishing Scam
- 'Really Bad Virus' Warning
- Facebook Surcharge Hoax - £1 Per Month From January 2015
- BMW M5 Giveaway Like-Farming Scam
- 'Baby Andrei Needs Help' Facebook Page Donations Scam
- Beware of Fake Obamacare Websites
- 'Temporarily Blocked From Liking Pages' Facebook Message
- 'Pieces of iPad' Giveaway Facebook Scam
- Hoax - Hacking Group Anonymous Targeting Facebook Users With Giraffe Profile Pics
- Bogus Warning - Canned Fruit From Thailand Contaminated With HIV
- Giraffe Profile Picture Virus Hoax