Email purporting to be from Australia’s Commonwealth Bank claims that you have a new Internet Banking message.
The email is not from the Commonwealth Bank. Clicking the ‘Log On’ button included in the message opens a fraudulent website designed to steal your bank login credentials.
According to this ‘New Message Notification’ email, which claims to be from Australia’s Commonwealth Bank, you can click a Log On button to access a ‘new Internet Banking Message’. The email features the Commonwealth Bank logo along with a copyright notice in the footer.
However, the email is certainly not from the Commonwealth Bank. If you click the Log On button, you will be taken to a fraudulent website that has been built to closely mirror the bank’s genuine home page. After you enter your login details on the bogus website, you will be automatically redirected to the real Commonwealth Bank website.
Meanwhile, cybercriminals can collect the details you submitted on the scam website and use them to hijack your account. Once they have gained access to your account, they can transfer your funds to other accounts and conduct other fraudulent transactions.
Phishing scams like this one are very common. Be wary of any email that tries to get you to click a link or open an attached file to view a message, rectify a supposed account issue, or update your details. It is always safest to access all of your online accounts by entering the account address into your browser’s address bar or via a legitimate account app.
The security section of the Commonwealth Bank website has information about staying safe online and reporting scam attempts like this one.
Last updated: April 4, 2016
First published: April 4, 2016
By Brett M. Christensen