Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share









Issue 170 - January, 2014 (2nd Edition) - Page 11

Commonwealth Bank 'eStatement Ready' Phishing Scam

Issue 170 Start Menu

Previous Article            Next Article

Outline
Message purporting to be from Australia's Commonwealth Bank advises the recipient that an online account statement is ready for viewing.

Phishing

© Depositphotos.com/alexandragl



Brief Analysis
The email is not from the Commonwealth Bank. It is a phishing scam designed to steal bank account login details and other personal information.

Bookmark and Share

Example

Subject: eStatement for December 2013 is ready
From:  Commonwealth - NetBank 

Email notification to let you know that your online statements for December is ready for viewing.

Online statements are fast, free, and always available. They never get lost in the mail or misplaced.

Plus, online statements save paper and trees.

Just log on to NetBank and you’ll have access to up to seven years of statements whenever and wherever you’d like.

The number of statements and notices you see will depend on your account.

Your eStatements are ready.

This is an automated message do not reply
Commonwealth Bank of Australia

Comonwealth Bank eStatements Phishing Scam


Detailed Analysis


According to this email, which purports to be from Australia's Commonwealth Bank, online statements for December are ready for viewing. Recipients are urged to click a link labelled "Your eStatements are ready" in order to gain access to the documents.

However, the email is not from the Commonwealth Bank. Instead, it is a phishing scam designed to trick users into divulging their account login details and other information.

Those who click the link in the email will be taken to a fake website that very closely mirrors the appearance of the genuine Commonwealth Bank login page. Once they have "logged in" on the fake page, users will then be asked to provide their email username and password, their date of birth, and their contact details, ostensibly to confirm their account.

After submitting this information, users will be automatically redirected to the genuine Commonwealth Bank website.

Meanwhile, the criminals operating the scam can use the stolen information to hijack the bank accounts belonging to their victims. They can also take control of their email accounts and use them to engage in further spam and scam campaigns in the name of their victims.

The scammers know that many modern banks do offer customers online versions of their banking statements and may send out email notifications when such statements are ready. However, banks will not generally instruct users to follow a direct login link to view statements.

Note also that are another version of the scam is targeting Westpac customers. Other Australian banks may also be targeted.

Phishing is a very common scam. Be wary of any email that asks you to click a link to login and provide account information, regardless of the reason given. It is always safest to access your online accounts by entering the address into your browser's address bar rather than by clicking a link in the message.

Bookmark and Share

Last updated: January 9, 2014
First published: January 9, 2014
By Brett M. Christensen
About Hoax-Slayer

References
Westpac Phishng Scam Warning
Phishing Scams - Anti-Phishing Information



Previous Article            Next Article

Issue 170 Start Menu

Pages in this issue:
  1. 'Paul Walker Still Alive After Accident' Phishing and Survey Scam
  2. 'Profile Visitors for Facebook' Rogue App and Survey Scam
  3. PG & E Energy Statement Malware Emails
  4. Fake Picture: 'Thailand Snake Girl' - Serpentosis Malianorcis
  5. Tom Crist Lottery Win Advance Fee Scam
  6. Legoland Child Abduction Attempt Hoax
  7. Fake Picasa 'New Photos' Emails Point to Dodgy Pharmacy Website
  8. 'Win a Disney Cruise' Survey Scam
  9. Bogus Advice - Block Hackers by Adding 'Security' to Facebook Blocking Function
  10. Fake - Giant Squid Image
  11. Commonwealth Bank 'eStatement Ready' Phishing Scam
  12. 'Singer Rihanna Found to be Dead' Facebook Survey Scam
  13. Satire - Pope Francis and the 'Third Vatican Council'
  14. Snow Canyon Roadway Image
  15. Albert (Tapper) Torney and the Can Car Sculptures That He Did NOT Make
  16. 'Your Atmos Energy Bill is Available' Malware Email
  17. 'Beware Hack Scam Rollercoaster Clip' Facebook Warning Message
  18. Sainsbury's 'Customer Satisfaction Survey' Phishing Scame
  19. Satire - '18 Million Birds Dead New Year's Eve'
  20. Hoax - 'Marijuana Overdoses Kill 37 in Colorado'
  21. Hoax Report Claims Paul Walker Faked His Own Death
  22. 'Shark Eats Swimming Man' Facebook Survey Scam
  23. 'Notice to Appear in Court' Malware Emails
  24. 'Most Fatal Car Accident' Survey Scam
  25. Hoax - Extraordinary Planetary Alignment To Decrease Gravity on January 4
  26. 'World's Largest Snake Video' Survey Scam
  27. Michael Jackson Died Years Ago Hoax
  28. 'My Home is Burning' Facebook Phishing and Malware Scam
  29. Facebook 'Closed for Maintenance' Prank