Westpac Password Reset Phishing Scam
An unseen before Westpac password reset phishing scam email attempt has been caught by MailShark filters attempting to collect your log in information. The bank being targeted is Westpac, an Australian bank and financial services provider with over 12.2 million customers. We strongly advise reading the rest of this article to keep yourself safe from this malicious scam attempt – Delete the email from your inbox if received.
Figure A is a copy of the Westpac password reset phishing scam attempt. It is plainly branded and uses the Westpac colour (red). The subject line reads “Customer ID suspended!”, which intrigues interest so the receiver will open it. If opened, the receiver could easily fall for the scam attempt if they are banking with Westpac. The sender is shown as an email address ending in “@westpac.com” – this is a vert tricky tactic used and is an advanced scam technique, but don’t be fooled.
There are several points to remember which can help you identify this phishing attempt and others:
- Lack of personal greeting
- Email address used in place of personal greeting (in black for privacy reasons)
- No official Westpac header of footer
- No official sign off
- Pushy wording
- Lack of overall branding
Figure B shows the website you will land on if the malicious link within the email is clicked. It is extremely well branded and looks to be an almost exact match to the official Westpac banking website. It asks you to reset your password and has all the information you would expect to see on this page. DO NOT BE FOOLED. This page is a duplicate that will scam your banking login data. It is an extremely dangerous website to land on – avoid getting here by deleting the email from your inbox.
There are many similar bank related phishing scam attempts and we suggest to always speak directly to your bank if you have any questions, through an official phone number or personally visit a branch. These scams are too easy to fall for and can lead to devastating consequences. Stay safe online and invest in spam software for your emails or a Cloud-based solution like MailShark, to lessen your chance of receiving such a malicious phishing attempt.