Issue 170 - January, 2014 (2nd Edition) - Page 11
Commonwealth Bank 'eStatement Ready' Phishing Scam
Message purporting to be from Australia's Commonwealth Bank advises the recipient that an online account statement is ready for viewing.
The email is not from the Commonwealth Bank. It is a phishing scam designed to steal bank account login details and other personal information.
Subject: eStatement for December 2013 is ready
From: Commonwealth - NetBank
Email notification to let you know that your online statements for December is ready for viewing.
Online statements are fast, free, and always available. They never get lost in the mail or misplaced.
Plus, online statements save paper and trees.
Just log on to NetBank and you’ll have access to up to seven years of statements whenever and wherever you’d like.
The number of statements and notices you see will depend on your account.
Your eStatements are ready.
This is an automated message do not reply
Commonwealth Bank of Australia
According to this email, which purports to be from Australia's Commonwealth Bank, online statements for December are ready for viewing. Recipients are urged to click a link labelled "Your eStatements are ready" in order to gain access to the documents.
However, the email is not from the Commonwealth Bank. Instead, it is a phishing scam designed to trick users into divulging their account login details and other information.
Those who click the link in the email will be taken to a fake website that very closely mirrors the appearance of the genuine Commonwealth Bank login page. Once they have "logged in" on the fake page, users will then be asked to provide their email username and password, their date of birth, and their contact details, ostensibly to confirm their account.
After submitting this information, users will be automatically redirected to the genuine Commonwealth Bank website.
Meanwhile, the criminals operating the scam can use the stolen information to hijack the bank accounts belonging to their victims. They can also take control of their email accounts and use them to engage in further spam and scam campaigns in the name of their victims.
The scammers know that many modern banks do offer customers online versions of their banking statements and may send out email notifications when such statements are ready. However, banks will not generally instruct users to follow a direct login link to view statements.
Note also that are another version of the scam is targeting Westpac customers. Other Australian banks may also be targeted.
Phishing is a very common scam. Be wary of any email that asks you to click a link to login and provide account information, regardless of the reason given. It is always safest to access your online accounts by entering the address into your browser's address bar rather than by clicking a link in the message.
Last updated: January 9, 2014
First published: January 9, 2014
By Brett M. Christensen
Pages in this issue:
- 'Paul Walker Still Alive After Accident' Phishing and Survey Scam
- 'Profile Visitors for Facebook' Rogue App and Survey Scam
- PG & E Energy Statement Malware Emails
- Fake Picture: 'Thailand Snake Girl' - Serpentosis Malianorcis
- Tom Crist Lottery Win Advance Fee Scam
- Legoland Child Abduction Attempt Hoax
- Fake Picasa 'New Photos' Emails Point to Dodgy Pharmacy Website
- 'Win a Disney Cruise' Survey Scam
- Bogus Advice - Block Hackers by Adding 'Security' to Facebook Blocking Function
- Fake - Giant Squid Image
- Commonwealth Bank 'eStatement Ready' Phishing Scam
- 'Singer Rihanna Found to be Dead' Facebook Survey Scam
- Satire - Pope Francis and the 'Third Vatican Council'
- Snow Canyon Roadway Image
- Albert (Tapper) Torney and the Can Car Sculptures That He Did NOT Make
- 'Your Atmos Energy Bill is Available' Malware Email
- 'Beware Hack Scam Rollercoaster Clip' Facebook Warning Message
- Sainsbury's 'Customer Satisfaction Survey' Phishing Scame
- Satire - '18 Million Birds Dead New Year's Eve'
- Hoax - 'Marijuana Overdoses Kill 37 in Colorado'
- Hoax Report Claims Paul Walker Faked His Own Death
- 'Shark Eats Swimming Man' Facebook Survey Scam
- 'Notice to Appear in Court' Malware Emails
- 'Most Fatal Car Accident' Survey Scam
- Hoax - Extraordinary Planetary Alignment To Decrease Gravity on January 4
- 'World's Largest Snake Video' Survey Scam
- Michael Jackson Died Years Ago Hoax
- 'My Home is Burning' Facebook Phishing and Malware Scam
- Facebook 'Closed for Maintenance' Prank