16 million Aussies warned of dangerous Commonwealth Bank email scam

Australians have been warned of a new scam using Commonwealth Bank signage which attempts to lure victims into sharing personal and financial details.

Security firm MailGuard sounded the alarm about the phishing scam targeting as many as 16 million Commonwealth Bank customers, noting that it’s the second time in weeks that scammers have posed as the major ban.

 

In both scams, the fraudsters attempted to harvest victims’ customer account information and credit card details.

What CommBank customers need to watch out for

This latest scam comes in the form of an email with a subject line containing an ‘Electronic Ticket’ number which appears to correspond to an alert from the customer’s NetBank account.

The body of the email warns the victim that they have a ‘Financial Statement’ ready to access, which they can do so by clicking a link.

However, while the sender appears to be ‘NetBank’, the email has actually been sent from scammers. The senders’ email addresses will contain domain names that are not linked to the Commonwealth Bank, which is one of the first signs that this is a scam.

Once the victims click on the link, they are taken to a page that looks like NetBank and are then required to enter their client number and password to access the statement.

After ‘logging in’, the victim is asked to provide credit card verification.

“In addition to branding, details such as a customer contact phone number, security guarantee, privacy policy and credit license number have been provided to feign authenticity and trick the user into believing that the communication is legitimate,” Mailguard warned.

“The customer is then met with a loading page, advising the user that their ‘data is being processed’ whilst it is in fact being harvested by the scammers.”

The final stage of the scam sees a ‘verification page’ shown, which then redirects the user to a legitimate Commonwealth Bank website.

The one way to beat CommBank scammers, every time

The Commonwealth Bank advises customers to always navigate directly the NetBank website themselves, rather than using links sent to them in emails or texts.

It also asks that customers who believe they have been targeted by a scam forward the offending email to [email protected] and then delete it.

MailGuard added that some clear signs of a scam include emails or texts that are not addressed to you by name, and that contain poor English and spelling mistakes.

Additionally, if it is from a business that you were not expecting to be contacted by, that’s another sign something may be up.

Australians have lost nearly $193 million to scams in 2021 so far, already eclipsing the total $176 million sum lost in 2020, according to the Government’s Scamwatch service.

The number of scam reports received has also doubled since the beginning of the year, climbing from 19,845 reports in January to 40,891 in August.

Over the course of the year, victims have lost more than $3.3 million to phishing scams similar to the current CommBank scam.

Article from: au.finance.yahoo.com