Account suspended phishing email warns
Once again, NetBank users are being hit with a phishing campaign. This one warns that the user’s account has been locked (due to 3 unsuccessful login attempts) and as a consequence the user’s accounts have been suspended, including the “funds inside”. Yes, that’s right: the funds in your account have been suspended. Of course, you can fix this loss of liquidity by clicking on a link contained in the email.
We present the email in question as Figure A. It uses a realistic-looking Commonwealth Bank logo. The greeting is “Dear Valued Customer”, whilst the sender is listed as “NetBank”. There is one link contained in the email, with anchor text “Please click here to proceed with account review”. The email sign-off is “Commonwealth Bank Security Team”. A short line containing details of the Commonwealth Bank (including an ABN) is fixed to the bottom of the email.
According to the email, the recipient’s account has been locked due to an incorrect password being entered 3 times. The email goes on to say that “your account access and the hold on your funds will be released as soon as you verify your information.” The user is requested to either visit a branch or to click on the link to verify their account.
There are a few signs that this email is not from the Commonwealth Bank. The big one is the email address the criminals have used in the “From” field: they have spoofed not a Commonwealth Bank domain, but a National Australia Bank domain. Aside from that, there are a couple of grammatical errors, the email is not personalised, and the link does not lead to the Commonwealth Bank website.
Mousing over the link shows that it leads to a phishing site that looks like the NetBank site. The criminals have also used a domain name that is similar to the Commonwealth Bank domain. This is a trick that has been employed by criminals before, and will continue to be used. If you do receive this email, delete it.
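
The warning signs listed above (a brand name in the sender display paired with another organisation's From domain, a link that leaves the bank's site for a similar-looking domain, and a generic greeting) can be checked mechanically by a mail filter or a triage script. The following Python sketch is an added example, not part of the original article; the trusted domain, the brand-name list and the sample message are constructed placeholders, not values from the real email.

```python
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumptions: the brand's real domain and the names it signs mail with.
TRUSTED = "examplebank.example"
BRAND_NAMES = ("netbank", "commonwealth bank")
# Constructed sample message; every address and URL is a placeholder.
SAMPLE = """\
From: NetBank <security@otherbank.example>
Subject: Account suspended
Content-Type: text/html; charset="utf-8"

<p>Dear Valued Customer,</p>
<p><a href="http://examplebank-review.example/login">Please click here to proceed with account review</a></p>
"""

class LinkCollector(HTMLParser):
    """Collects the hostname of every <a href=...> in an HTML body."""
    def __init__(self):
        super().__init__()
        self.hosts = []
    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href")
        if tag == "a" and href:
            self.hosts.append((urlparse(href).hostname or "").lower())

def on_trusted(host):
    return host == TRUSTED or host.endswith("." + TRUSTED)

def triage(raw):
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    findings = []
    sender_host = addr.rpartition("@")[2].lower()
    # Display name claims the brand, but the address is on another domain.
    if any(n in display.lower() for n in BRAND_NAMES) and not on_trusted(sender_host):
        findings.append(f"from-mismatch:{sender_host}")
    body = msg.get_payload(decode=True).decode("utf-8", "replace")  # single-part only
    links = LinkCollector()
    links.feed(body)
    brand_label = TRUSTED.split(".")[0]
    for host in links.hosts:
        if not on_trusted(host):
            # A foreign host that embeds the brand label is a look-alike.
            kind = "lookalike-link" if brand_label in host else "offsite-link"
            findings.append(f"{kind}:{host}")
    if "dear valued customer" in body.lower():
        findings.append("generic-greeting")
    return findings
```

An empty result does not prove a message is genuine; the checks only cover the specific signs described in this article.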