Fri, 8 Mar, 2019
New scam warning for ANZ bank customers – beware of this email
ANZ are warning customers of a new email scam that’s targeting their internet banking login details.
This is a sophisticated email scam, as the email address that’s being used looks similar to ANZ’s support email. The scam email address is: @anzsupport.cf.
The body of the ANZ-branded email goes into detail, explaining that the bank will be introducing “challenge questions” to protect customers and add an extra layer of security.
Warning: Be wary of this #phishing #email scam mimicking @ANZ_AU . Directing users to confirm their ‘challenge questions’, the emails look legitimate, complete with the bank’s branding & logos. Don’t click on any #links. More details in our blog soon #fastbreak #zeroday #hacked pic.twitter.com/TOLJvzVUr9
— MailGuard (@MailGuard) March 5, 2019
Once you click on the link to confirm your challenge questions, customers are taken to an authentic ANZ login page, which asks for your customer registration number and password.
Naturally, once you enter these details in, the hackers have your internet banking login details and the sensitive information is handed over.
Once the details are entered, customers are then taken to a page where you can choose your three challenge questions and provide answers.
Once you’re finished with the questions, you’re taken back to the official ANZ AU page, which makes the scam even more convincing to customers due to the consistent ANZ branding all the way through.
Email security firm MailGuard explains why the criminals have gone into such great detail.
“Cybercriminals have taken great pains to replicate official landing pages from ANZ – including incorporating the bank’s branding and logo using high-quality graphical elements.
“If you tell the scammers your security question, it allows them to attempt other fraudulent actions, such as calling them back and trying to access your accounts.”
ANZ have advised their customers to be on the lookout, as they do not send emails asking for personal information or security credentials.
If you’ve received an ANZ scam email, here’s some steps you can take
- Do not open any attachments or enter in any personal information.
- Forward the suspicious email to email@example.com.
- Delete the message from your inbox.
Have you received this scam ANZ email? Let us know in the comments.