Phishers launch triple attack on Aussie banks

The Reserve Bank of Australia has issued a warning about a phishing e-mail that targets customers from three of Australia's largest banks -- ANZ, Westpac and the Commonwealth Bank.

In a joint media release published on Monday, the RBA and the Australian Bankers' Association (ABA) warned online banking users to "be very suspicious of e-mails sent by people unknown to you, containing misspelt words and directing you to a link".

Unusually, this phishing attack was targeting three banks at the same time. The phishing e-mail was designed to look like an official message from the RBA and advised customers to click on the relevant link to "to preserve your account stability with any of this [sic] banks, kindly confirm your account registration with new the Reserve Bank of Australia(RBA) by clicking your bank link below to confirm your account security now".

A PDF version of the phishing e-mail is available here.

Paul Ducklin, head of technology in APAC for Sophos, said that he didn't think this particular e-mail would fool many people.

"I don't know how convincing that would be because I suspect most people know the RBA issue the bank notes -- I don't think people expect to see correspondence from the RBA.

"However, there may be people that would not believe e-mails from their individual banks but may [be convinced] if it comes from a higher authority," said Ducklin.

An ABA spokesperson told ZDNet Australia that the Australian High Tech Crime Unit had been informed.