Mandatory Account Verification phishing email
Once again, we received a phishing email targeting ANZ bank customers. This is a low grade phishing email. The danger is in the attachment to the email.
Figure A shows the email. There is no ANZ branding or logos used in the email. The subject of the email is “Update ID-1820ANZ2015”. “ANZ Bank” is listed as the sender of the email. The email opens with the greeting “Dear client”. The email contains an attachment called “Update ID-1820ANZ2015.html”. The email’s footer has a basic copyright notice. The text “Update ID-1820ANZ2015” also appears near the foot of the email.
The reason given for the email is a “large number of identity theft attempts targeting ANZ customers”. The email tells the recipient to fill out the attached form. The email states that confirmation of “PERSONAL DETAILS” (their caps) is “mandatory”. This pressures the recipient into downloading and filling out the form.
This pressure is common in phishing emails. The email creators are hoping that the recipient will not inspect the email too closely. The email further pressures the recipient by threatening consequences for non-compliance. These consequences are suspension of the users account.
This email is a fake and is a crude facsimile of a genuine ANZ email. Even simple emails can trick users. One social engineering tactic used in this email is threats. Another tactic is telling the recipient the process is mandatory. Implied threats are the recipient’s account being hacked.
There are signs that this email is not genuine. The greeting is the first sign. Banks simply do not use a generic greeting. They will use the name of the account holder. The second sign is the poor grammar. The email attachment is a link to a phishing site. This looks like the genuine ANZ site. It is malicious, though, and will steal banking details.