New Year brings new phishing campaigns
The New Year has brought with it a mix of old and new phishing campaigns. This morning we extracted several emails from MailShark spam filters that point to a different tack being tried by criminals in their attempts to fool users into surrendering personal information.
The email we extracted is shown in Figure A and targets ANZ customers. The subject line of the email reads “ANZ: Message Notification” (or, in another version, “ANZ: Internet Banking Service Notification”), whilst the sender reads “ANZ”. The body of the email contains the ANZ logo, with a statement embedded in it informing the recipient that they have a “new Internet banking message.”
What marks this phishing email out from some of the others recently featured in our News section is the lack of one particular social engineering trick usually employed by criminals. It’s not actually suggesting the recipient needs to “do something” urgently. On the other hand, it also doesn’t give much of a hint as to what the message is about.
The email may look authentic at a cursory glance, but closer examination shows a few issues. For one, it is not personalised. This is the biggest giveaway; as stated many times before, banks will always personalise an email.
Mousing over the sole link in the email shows that it does not lead back to the ANZ internet banking site. Rather, it leads to a phishing site. Phishing sites are often put up quickly and taken down just as quickly. The turnaround can often take place in days or even hours. The phishing emails are simply adjusted to use a new phishing site. This means that phishing sites are hard to track.