Commonwealth Bank Credit Card Alert Scam
A Commonwealth Bank credit card alert scam has been caught by MailShark spam filters claiming you need to resolve the issue by clicking a malicious link. The Commonwealth Bank of Australia is a multinational bank across Australia, New Zealand, Fiji, Asia, USA and the United Kingdom. Stay safe by deleting this email if received.
Figure A shows the email’s contents. It featured the Commonwealth Bank logo in an attempt to make it convincing and is mostly text with one link which says “Click here to resolve your card now” – please note that clicking this link will lead you to a very dangerous website phishing for your personal banking information.
The subject line reads “Commonwealth Credit Card Alert !” which entices a receiver to open it out of interest, especially if you are with the said bank. The sender is shown as “Commonwealth Bank” but the email address is not associated with the official Commonwealth Bank website – please note they have used a similar looking email which may convince you at first glance, but it is still fake.
Some other points to consider within this email include the lack of a personal greeting, no official header or footer and the generic ending from “management”. The one malicious link in this email will lead you to a phishing website.
Figure B is a safely captured screenshot of the website you will land on if the link within the email is clicked. It is a mediocre branded page attempting to trick you into entering your personal information. Filling out this form will lead to the people behind the scam obtaining your personal information, including your credit card details, which can be used dangerously and for further phishing attacks including spear phishing. If you have fallen for this scam, contact the bank immediately.
When it comes to banking emails always question the email’s nature and contents. If you are ever in doubt, contact your financial institution who should be able to help you identify if the email is authentic. We strongly advise deleting this email straight away if received.