St George internet banking disabled
Another phishing email campaign has surfaced. This campaign targets St George Bank customers. The email warns the user that their account has been disabled. A security audit of the user’s account has found an issue. This has caused the account to be disabled. The email presents a link which the recipient can click on to re-enable their account. The email warns users to “log off completely” from their online banking account if they are using a public computer. It’s heart-warming to receive a morsel of security information from a phishing email. Or not.
Figure A is the email in question. It is a nondescript effort. No St George branding or logos are used. The email sender is “St George Bank”. It is a spoofed email address. The greeting is “Dear Customer”. The email advises the customer that their account has been disabled for security reasons. There is one link in the email. The link has the anchor text “Click Here”. The email is from the Security Department. The email signs off with security advice. The footer of the email contains standard information including an Australian Business Number (ABN). It also mentions St George is a division of Westpac.
There are a few giveaways that this email is a fake. There is a spelling error in this email. There are instances of clumsy grammar. The email uses a generic greeting. And the big one is the link. We checked the link and found it led to a phishing site. The phishing site looks like the genuine St George online banking site. There are differences. The phishing site steals your login details. People have been fooled by phishing sites and received a shock when their bank account is suddenly emptied. Don’t click on the links. Delete this email.