Fake bank email tries to con customers

In Australia, an email purporting to be from a bank attempts to trick people into revealing their account details

Another fraudulent email is doing the rounds, this one attempting to trick people into providing their Westpac bank account details.

According to Andrew Kent, the chief executive of SpamTrap, the emails were sent out in the early hours of this morning. SpamTrap’s honeypots collected samples of the fraud between the hours of 1.45 a.m. and 8.10 a.m. Over 800 examples of the fraudulent email were collected, more than twice the number collected during similar scams earlier this year.

Like the earlier scams, this email utilised graphics from Westpac’s Web page, as well as a fake link that purports to lead to the legitimate Westpac site but instead takes you to a fake site. However, unlike previous attempts, where the fake address could be spotted by holding the cursor over the link and viewing the fake URL in the taskbar, this email displayed the URL for the real Westpac site in the taskbar.

It achieved this by having the link as the real URL followed by a large number of spaces written in HTML code, some random characters, an “@” symbol and the fake URL. The large number of spaces forced the second part of the address out of view on the taskbar. According to Kent, the “@” symbol causes the browser to ignore everything before it and jump straight to the URL after it.

“It’s a hard thing for the banks to do anything about,” Kent told ZDNet Australia. “Apart from user education there’s very little you can do.” Kent said that because the fraudulent email is mass-mailed to a large number of addresses, an effective spam filter will prevent it. He said none of these scams had made it through SpamTraps defences, as they were registered as spam.

The latest scam also resembled the others in the use of poor grammar, such as “Our new security system will help you to avoid frequently fraud transactions and to keep your investments in safety” and “Due to technical update we recommend you to reactivate your account”.

Show Comments