Commonwealth Bank customers have been warned over a phishing scam email sent to Australian customers claiming their NetBank account has been ‘temporarily suspended’.
Cloud security firm Mailguard first sounded the alarm bells after detecting a series of suspicious emails.
Watch the video above to see how scammers are dialling up with new tactics
It alerted the 15.9 million customers Commonwealth Bank customers to a number of dubious components of the email.
Firstly, the email – with the subject ‘[Alert] Confirm your NetBank account (Case ID #AU 0PPC001701)’ – is seemingly sent by a sender whose display name is ‘Commonwealth Bank’ and is accompanied by an authentic-sounding sender email address.
But closer inspection of the email sender would show users that the actual sender email address is ‘whulk(at)whulk(dot)com’.
“Busy and distracted recipients who don’t take care to think twice, could be forgiven for thinking the email is legitimate,” Mailguard warned.
Anyone who clicked on the ‘Confirm My Account’ button would be taken to a web page that looks like the actual NetBank login page, where they are instructed to enter their details
“Of course, the login page is a scam,” Mailguard said.
“Once recipients have completed the first phishing page they will have mistakenly provided their NetBank credentials, including their Client number and Password to cybercriminals.”
It then calls on users to enter…
