Message supposedly sent by Australian bank Westpac, notifies recipients that a payment to a biller has been successfully processed and invites them to click a link to view transaction details.
Westpac did not send the email. The message is a phishing scam that attempts to lure Westpac customers into visiting a fraudulent website and providing their account login details. Criminals will use the stolen information to hijack Westpac bank accounts belonging to their victims.
Subject: Bill Payment – 02/22/2014
Westpac Bill Payment
Category: Successful transactions
02/22/2014 07:27 PM
Your bill payment to the following biller has been successfully processed:
From Account: XXXXXX445774 Complete Access
Biller Name: AGL Sales Pty Ltd
Biller Nickname: bruce
To Biller: Mega Sales Pty Ltd
Customer Reference No: 0000810010288126606
View transaction details
This is an automated message please do not reply.
This email, which was supposedly sent by large Australian bank Westpac, informs recipients that a payment to a biller has been successfully processed. The email includes details of the bill payment and invites recipients to follow a link to view more information about the transaction. The message includes the Westpac logo.
But, alas, the email is not from Westpac. It is a phishing scam that was created with the goal of tricking recipients into giving their Westpac account login details to cybercriminals.
Some Westpac customers who receive the bogus notification may be panicked into clicking the link in the mistaken belief that their accounts have been compromised and used to conduct fraudulent transactions in their names.
Those who do follow the ‘view transaction’ link will be taken to a fake website tricked up so that it closely mirrors a genuine Westpac webpage. The fake site presents a bogus login form that even features the virtual keyboard security option that is used on the genuine site.
After victims provide their login information on the bogus site, they will be automatically redirected to the genuine Westpac home page. They may be puzzled as to why they have not been taken to the transactions details page they expected.
Meanwhile, however, the criminals responsible for the phishing campaign will collect the submitted login credentials. The criminals can use the stolen credentials to access their victims’ bank accounts, transfer funds and commit further fraudulent transactions.
If you receive one of these emails, do not click any links or open any attachments that it contains. Westpac has published information about phishing scams and how to report them on its website.
Phishing continues to be a very common form of cybercrime that gains new victims all around the world every day.
Importance NoticeAfter considerable thought and with an ache in my heart, I have decided that the time has come to close down the Hoax-Slayer website.
These days, the site does not generate enough revenue to cover expenses, and I do not have the financial resources to sustain it going forward.
Moreover, I now work long hours in a full-time and physically taxing job, so maintaining and managing the website and publishing new material has become difficult for me.
And finally, after 18 years of writing about scams and hoaxes, I feel that it is time for me to take my fingers off the keyboard and focus on other projects and pastimes.
When I first started Hoax-Slayer, I never dreamed that I would still be working on the project all these years later or that it would become such an important part of my life. It's been a fantastic and engaging experience and one that I will always treasure.
I hope that my work over the years has helped to make the Internet a little safer and thwarted the activities of at least a few scammers and malicious pranksters.
A Big Thank YouI would also like to thank all of those wonderful people who have supported the project by sharing information from the site, contributing examples of scams and hoaxes, offering suggestions, donating funds, or helping behind the scenes.
I would especially like to thank David White for his tireless contribution to the Hoax-Slayer Facebook Page over many years. David's support has been invaluable, and I can not thank him enough.
Closing DateHoax-Slayer will still be around for a few weeks while I wind things down. The site will go offline on May 31, 2021. While I will not be publishing any new posts, you can still access existing material on the site until the date of closure.
Thank you, one and all!