Westpac account temporarily shutdown
Another concerted phishing campaign targeting Westpac users has been detected this week. This campaign features a simple looking phishing email that warns the recipient that their Westpac account has been temporarily shutdown, due to concerns about fraud. Actually, the email itself is the only fraud.
We have reproduced a sample of the emails received in Figure A. The subject line of the email is “1 New Message!” The sender is listed as “support”. It’s a fairly basic sort of phishing email. No Westpac logos are present. There is one link present in the email, with the text “Westpac Online Banking”. The email commences with the greeting “Dear Customer” and ends with several lines showing contact details for Westpac. This is an attempt to make the email look authentic. There is one link contained in the email.
The reason for the email is to warn the recipient that their account may have been used for fraudulent activities. The email goes on to explain that the user’s Westpac account has been temporarily shutdown. To reactivate the account, the user is encouraged to click on a link contained in the email. There is no sign off.
Although it is a simple looking email, the Westpac contact details listed at the bottom of the email may fool some people into thinking the email is genuine. The creators of the email have placed the correct text of Westpac URL at the bottom of the email, but they have not linked a URL to it.
One of the signs this is not from Westpac (leaving the lack of a Westpac logo) is the salutation. Banks will address an email to the name of the account holder. Another big sign is the link. Mousing over it shows that it does not link back to Westpac. Instead, it links to a malicious site that resembles the Westpac internet banking site.
This email is a phishing email, and is designed to steal user’s banking login credentials. Delete it if you receive it.