CommBank New Message Notification Phishing

CommBank New Message Notification Phishing

Commonwealth Bank, commonly recognised as CommBank, are no strangers to email scams targeting their customers. This phishing scam follows the same trend most banking email scam attempts use. It is generic enough to intrigue, interest and also scare the receiver into clicking through to a malicious website to learn more. Keep reading to find out more about this dangerous message notification phishing scam.

Figure A is a screenshot of the email’s contents. It is well branded to suit the Commonwealth Bank and is simply designed. The main goal of this scam attempt is to get you to click the ‘log on’ button, where they will then attempt to capture your log in information.

The subject line reads “New Message Notification” which is generic enough to intrigue interest to open then, if you are a CommBank member, you are even more likely to fall for this once seeing its contents. The sender is shown as “Commonwealth Bank of Australia” however, the email address is a Gmail account which is an obvious spam sign; the email address used and contents of this email is in no way associated to the Commonwealth Bank website or brand. Clicking anywhere within this email will put your data at risk, as you are lead to a convincing phishing website.

MailShark CommBank New Message Notification Phishing
Figure A – Click to Enlarge

Figure B is a safely captured screenshot of the malicious phishing website posing as the Commonwealth Bank online log in portal. It is very well copied from the original version and could easily convince victims. Entering your log in data for NetBank here will lead to your data being stored and shared through malicious channels and most likely accessed by the scammers.

MailShark CommBank New Message Notification Phishing Visit Website
Figure B – Click to Enlarge

Figure C displays the legitimate CommBank Login Portal at the time of this writing. It’s easy to see how convincing the fake site is when comparing with the live legitimate version.

MailShark CommBank New Message Notification Phishing Scam Legitimate Website
Figure C – Click to Enlarge

We strongly suggest deleting any trace of this email and contacting your financial institution if you think your data may be at risk. Bank phishing scams are constantly being caught through MailShark spam filters, so contact your bank before clicking any links in an email similar to this one or if you are suspicious of its nature.

Where in the world did the bulk of this Email come from?

Check out our Global Spam Sources page, for a World map of spam sources.

Steph Kent
MailShark
Free anti-spam service
Free email filter service

Share This Post

Post Comment