According to this email, which purports to be from an Accounting Department Specialist at the National Australia Bank (NAB), your monthly account report is included in an attached file.
The email features the NAB logo and red banner and advises that ‘all the details are in the attachment’.
However, the email is a scam. NAB did not send it. At first glance, the email may seem to be a typical phishing scam designed to trick you into divulging your account information via a fake web form.
In this case, however, the attachment contains malware rather than a phishing form.
Opening the attached .zip file reveals an ‘account review’ .exe file. If you click this .exe file, malware can be installed on your computer. Once installed, the malware can then attempt to download a large amount of other malware. This malware may steal your banking and social media account login information and send it to criminals waiting online.
In some cases, ransomware may be downloaded. Ransomware can lock the files on your computer so that you can no longer access them and then demand that you pay a fee to receive an unlock key.
Be very wary of any unsolicited email from your bank that instructs you to click a link or open an attached file to update details or view account information.
Subject: Monthly account report
We are forwarding Your monthly report regarding the account. All the details are in the attachment.
Accounting Department Specialist
nab Bank PLC