Debunking email hoaxes and exposing Internet scams since 2003!


Hoax-Slayer Logo Hoax-Slayer Logo

DividerDivider
Home    About    New Articles    RSS Feed    Subscriptions    Contact
DividerDivider
Bookmark and Share





Westpac 'New Confirmation Form' Phishing Scam

Outline
Email purporting to be from Australian bank Westpac claims that all customers must complete and submit a new "confirmation form" contained in an attached file.

Hooked on credit

© Depositphotos.com/ Brian Jackson



Brief Analysis
The message is not from Westpac.  It is a phishing scam designed to trick Westpac customers into sending their personal and financial information to cybercriminals. The criminals can use the stolen information to commit credit card fraud and identity theft.

Bookmark and Share
Example

Subject: Message id: #885131

Dear Westpac Bank Customer

We would like to inform you that we have released a new version of Westpac Confirmation form. This form is required to be completed by all Westpac Customers.

To complete this form, download attached to this email.

Thank You,

Westpac Bank

Westpac Phishing Scam


Detailed Analysis


This email, which claims to be from Australian bank Westpac, informs recipients that a new version of the bank's confirmation form has been released and that all customers must complete the new form. Recipients are instructed to open an attached file containing the form.

However, the email is not from Westpac and the claim that Westpac customers must update their details via the attached form is a lie.

The message is a phishing scam designed to fool unwary Westpac customers into sending their personal and financial information to Internet criminals. Customers who comply and open the attached file will be presented with the HTML form shown in the example above. The form opens in a web browser and includes the Westpac logo, formatting and colour scheme as a means of making the form seem legitimate. The form asks for name and contact details and drivers licence numbers as well as credit card information and account passwords.

When users click the "Continue" button, all of this information will be sent to the scammers. The scammers can then use the stolen information to conduct fraudulent credit card transactions and steal the identities of victims.

Despite a great deal of publicity, people all around the world continue to fall for phishing scams every day. Phishing continues to be one of the most common types of Internet fraud. Your bank will never send you an unsolicited email that asks you to supply sensitive personal and financial information via a form in an attached file or by clicking a link.

It is always safest to login to all of your online accounts by entering the account address into your browser's address bar rather than by clicking a link or opening an attached file.

You can report Westpac phishing scams you receive via the reporting email address listed on the bank's website.

Bookmark and Share

Last updated: August 22, 2013
First published: August 22, 2013
By Brett M. Christensen
About Hoax-Slayer

References
Phishing Scams - Anti-Phishing Information
Prevent fraud and scams




Go to Mobile Version