Account hacked phishing email warns
A concerted phishing campaign targeting National Australia Bank users started up on Monday. There are two versions of the phishing email, but they have basically the same content contained within the body of the email. The basis of the phishing email is to warn the recipient their account has been hacked. Of course, the user can restore access by simply clicking on a link provided in the email. It’s all a scam however; the email is not from the National Australia Bank, and the link is to a phishing site.
We have reproduced a copy of the email in Figure A. There are two version detected of this email, but (as mentioned above) the body of the email is the same in both versions. The subject line however varies. One version has “Your account has been hacked or compromised.” The other version uses the subject line “NAB: Your Internet Banking is temporarily suspended.” Both have the senders listed as “NAB”. A National Australia Bank logo appears at the top of the email. The email begins with “Dear Customer”.
The gist of the email is that the user’s Internet Banking account is suspended. The reason given for the suspension of the account is that it may have been hacked or compromised. The recipient is informed that they can click on a link contained in the email. This will allow the NAB to restore access to the account. The text of the link has a domain name that looks like a National Australia Bank domain name.
Regardless of the domain name listed in the link, it does not go back to the National Australia Bank. Mousing over it shows a link to a phishing site. The phishing site will attempt to steal the user’s login credentials and bank account information. The email is not personalised; this is another red flag.
If you do receive this email, delete it.