Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

Home    About    New Articles    RSS Feed    Subscriptions    Contact
Bookmark and Share

Issue 166 - November, 2013 (2nd Edition) - Page 36

Westpac 'Login Attempt From Unrecognized Device' Phishing Scam

Issue 166 Start Menu

Previous Article            Next Article

Message purporting to be from Australian bank Westpac claims that a login attempt with a valid password from an unrecognized device has been detected on the recipient's account.

Password thief (phishing)

© Carlos Oliveras

Brief Analysis
The message is not from Westpac. It is an attempt by online criminals to trick Westpac customers into handing over their account login details and other personal and financial information.

Bookmark and Share

Sent: Tuesday, 29 October 2013 13:07
Subject: Your Incident ID is: WES057140487

This is an automated message to notify you that we detected a login attempt with a valid password to your account from an unrecognized device yesterday @

Location: UNITED STATES, MARYLAND, SILVER SPRING,IP= Latitude, Longitude: 85.42842, -98.9004  Connection through: VERIZON ONLINE LLC Local Time: 2013 07:39 PM (UTC -04:00) IDD Code: 1 Weather Station: SILVER SPRING (USMD0370) Usage Type: ISP/MOB

Was this you? If so, you can disregard the rest of this email. If this wasn't you kindly follow the account review link:

[Link to scam website removed] 

Westpac Bank Customer Care

2013 Westpac Financial Corporation. All Rights reserved

E-mail ID: 4323896016319406482

Detailed Analysis

This message, which purports to be from large Australian bank Westpac, supposedly notifies the recipient about a suspect account access attempt. The message claims that a login attempt with a valid password from an unrecognized device was detected. The message lists detailed time and location data about the supposed login attempt. It instructs customers to follow an account review link if they did not make the login attempt.

However, the email is not from Westpac and the login attempt claims are false. It is a phishing scam that tries to trick people into visiting a bogus website and supplying account login details and other personal and financial details.

The listed login location details may vary in different incarnations of the scam message.

As part of their security protocols, some online service providers may send an automatic advisory message if a login from a new device or location is detected. The scammers who created this phishing campaign are aware of such protocols and hope that their tactic will fool at least a few bank customers into believing that their message is genuine.

Real login advisory messages are very unlikely to tell customers that they must click a link to provide account information.

It is always best to login to your online accounts by entering the account web address into your browser's address bar rather than by clicking a link in an unsolicited email.

You can report Westpac phishing scams via the reporting guidelines on the bank's website.

Bookmark and Share

Last updated: October 31, 2013
First published: October 31, 2013
By Brett M. Christensen
About Hoax-Slayer

Phishing Scams - Anti-Phishing Information
Prevent fraud and scams

Previous Article            Next Article

Issue 166 Start Menu

Pages in this issue:
  1. Philippines Typhoon Disaster Scams
  2. Wedding Invitation Malware Emails
  3. 'Suspicious Guy Claiming He is You' Spam Emails
  4. Hunting Family Posing With Dead Elephant Picture
  5. 'Missing Persons in Australia' Facebook Like-Farming Scam
  6. Baby Iko Facebook Sick Child Hoax
  7. 'Young Romanian Woman' Car Crash Scam Warning
  8. No, Scientists in Texas are NOT Going to Use Sex Offenders for Medical Research
  9. Facebook Hate Campaign Against Keely Currie
  10. Chinese Teleportation Road Rescue Video
  11. PlayStation 4 Like and Share Giveaway Facebook Scam
  12. Circulating Video of Girl Throwing Puppies Causing Outrage
  13. 'Bizarre Unknown' Fish Caught in Malaysia Not So Mysterious
  14. No, The Bitstrips App is NOT an NSA Trojan
  15. 'Removing An Old Setting' Facebook Notification Message
  16. Did a Man in China Sue His Wife For Being Ugly?
  17. '200 Pieces of iPhone' Facebook Giveaway Scam
  18. Gmail '4 Missed Emails' Pharmacy Spam
  19. 'Freedom Award Lottery Promotion Agency' Facebook Page Scam
  20. Spider in Oreo Cookie Photograph
  21. 'Giant Fukushima Mutant Dog' Picture
  22. Oprah Winfrey is NOT Dead - Links in Message Lead to Rogue App
  23. ANZ Phishing Scam - 'We Detected a Login Attempt With a Valid Password'
  24. 'Microsoft Facebook Yahoo Windows Live Award' Advance Fee Scam
  25. Chemical Burns From Gel In Diaper Warning Message
  26. Charles F. Feeney 'Grant Donation' Advance Fee Scam
  27. False and Damaging Rumour - 'RSPCA Paid to Keep Quiet About Halal Slaughtering'
  28. 'Apple ID Information Updated' Phishing Scam
  29. ASDA Attempted Kidnapping Hoax
  30. Bogus Message Proclaims ' Christmas is banned: IT Offends Muslims'
  31. False Rumour - Patron at Cosmo Romford Finds Dog Microchip Wedged in Tooth
  32. Hoax - Picture of 'World's Largest Tortoise'
  33. Fogg Hill Wolf Kill Warning Poster
  34. NO, Obama is NOT Opening Free Gas Stations in Poor Neighborhoods
  35. Marks & Spencer Poppy Sales Three Percent False Rumour
  36. Westpac 'Login Attempt From Unrecognized Device' Phishing Scam
  37. 'Really Bad Virus' Warning
  38. Facebook Surcharge Hoax - £1 Per Month From January 2015
  39. BMW M5 Giveaway Like-Farming Scam
  40. 'Baby Andrei Needs Help' Facebook Page Donations Scam
  41. Beware of Fake Obamacare Websites
  42. 'Temporarily Blocked From Liking Pages' Facebook Message
  43. 'Pieces of iPad' Giveaway Facebook Scam
  44. Hoax - Hacking Group Anonymous Targeting Facebook Users With Giraffe Profile Pics
  45. Bogus Warning - Canned Fruit From Thailand Contaminated With HIV
  46. Giraffe Profile Picture Virus Hoax