Scam credit card offers
Today we received a new phishing email that replicates an existing National Australia Bank (NAB) credit card promotion. The email is another attempt by criminals to steal credentials from consumers.
Figure A shows the email with relevant sections expanded for ease of viewing.
The subject line of the email is “0 per cent p.a on purchase for 15 months on a new NAB Low Rate Card.” The sender of the email is listed as “Card Offer”. There are no attachments to the email.
Social engineering is a favourite tool of criminals in their attempts to fool users into clicking on email links. In this case, the perpetrators have piggy backed their email onto an existing credit card promotion being run by the NAB. Criminals often use similar tactics to online marketing in order to cloak their malevolent intentions.
This email rates as being a complex phishing attempt. The criminals have personalised the email (we have blocked out the details of the recipient). The images and the text have been lifted directly from the existing NAB campaign.
Fortunately there are a few indications that the email is not legitimate. Every link that we checked in the email leads back to a phishing site, including the link that is supposedly a National Australia Bank link.
There is also an odd sentence contained within the grey rectangle, where the recipient is informed that “In case you don’t appreciate our mailings any longer, please just unsubscribe.” The wording of the statement is clumsy. No link is provided to enable the user to unsubscribe. However, the bottom of the email does provide a link; not to the NAB but to the phishing site.
If you do receive this email, delete it. Don’t click on the links.