Debunking email hoaxes and exposing Internet scams since 2003!

Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider


Site Navigation










Suncorp Bank '1 Unread Message' Phishing Scam

Outline
Message purporting to be from Australian financial entity Suncorp, urges recipients to click a link to view an unread message in their online banking account.



Brief Analysis
The message is not from Suncorp. In fact, it is a phishing scam designed to fool recipients into visiting a fraudulent website and divulging their bank account details to cybercriminals.

Bookmark and Share

Enter your email address to subscribe to the Hoax-Slayer Newsletter:






Scroll down to submit comments
Last updated: November 13, 2012
First published: November 13, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer


Example

From: Suncorp Bank
Sent: Monday, November 12, 2012 1:11 PM
Subject: 1 Unread Message


Dear Customer,

You Have One Unread Message In Your Online Banking Account

VIEW YOUR MESSAGE

Regards,

Suncorp Bank Phishing Scam



Detailed Analysis
This short and simple message, which purports to be from large Australian financial entity, Suncorp, claims that the recipient has a message waiting to be read online. The recipient is urged to click a link to view this "one unread message".

However, the message is not from Suncorp. In fact, the message is a phishing scam designed to trick recipients into submitting their bank login details to Internet criminals. Those who fall for the ruse and click the link will be taken to a fake website that has been constructed so that it closely resembles a genuine Suncorp web page. Once on the fake site, recipients will be told to login with their usual customer ID and password, ostensibly so that they can securely view their message. However, there is no message, and the login details provided on the fake site can be collected by criminals and used to hijack real Suncorp accounts.

Phishing continues to be a very common and successful type of criminal activity that finds new victims around the world every day. Be very cautious of any unsolicited email from your bank that asks you to click a link to login and provide personal information. It is always safest to access all of your online accounts by entering the account web address into your browser's address bar rather than by clicking a link in an email.

Suncorp has published information about such phishing attempts on its website. The article includes information about what to do if your receive a Suncorp phishing scam and how to submit suspect messages to the company.

Bookmark and Share



References

Phishing Scams - Anti-Phishing Information
Receiving Hoax Emails (known as "Phishing")

Last updated: November 13, 2012
First published: November 13, 2012
Article written by Brett M. Christensen
About Brett Christensen and Hoax-Slayer