A phishing scam targeting Commonwealth Bank customers has been flooding inboxes across the country.
The email carries the display name “Commonwealth Bank of Australia” and the subject line reads: “You have 1 IMPORTANT – security message”.
The message tells the “valued customer” they have a security message and provides a link to NetBank.
Unsuspecting recipients who click on the link are led to a web page that’s nearly identical to the authentic Commonwealth NetBank login page.
Login credentials entered on this page are then harvested before the customer is redirected to the actual Commonwealth web portal.
Cyber security company MailGuard said scammers will continue to target banks and their customers.
“This is another reminder for those who utilise online banking, to pay close attention to the emails they receive from their bank,” MailGuard said in a statement.
“To best protect yourself, it is imperative that you do not click any link contained within an email, especially if it does not address you by name (as in the scam above).
“It is best practice to type the website URL into your browser or use the official banking app in this instance.”
Another scam currently hitting inboxes targets NAB customers in an attempt to deliver a malicious payload.
The email advises customers their card has been placed on hold after usage “in a different location” and urges them to “download the attached form and get verified within minutes”.
“MailGuard understands that unsuspecting recipients who open the attachment form are required to fill in a form asking for their user credentials and personal info,” the company explained.
“Once this is submitted, these details are harvested and the user is redirected to a fake confirmation page.”
Other scams to watch for:
Facebook email scam: Victims told account is locked, asked to verify their identity by providing scanned copies of their Driver’s Licence, Passport, Medicare card or other valid IDs.
Google Calendar scam: Exploits a default feature which gives the ability to add invitations and events automatically to calendar apps unless turned off manually.
BPAY email scam: Customers receive an email painstakingly formatted to look like an official correspondence from the bank, with the body explaining the last BPAY payment has been put on hold.
ANZ email scam: Disguised to look like it has been sent from an official ANZ email and advises customers their “internet banking access has been temporarily locked”.
Queensland Police ATO scam: Scammers use the trusted phone number of a government department and impersonate an employee to advise the victim they have an outstanding fine or fee that must be paid.
Australia Post scam: Attempts to redirect the victim to a fraudulent Post Bill Pay website where their credit card details could be stolen.
Netflix scam: Email scam gives the appearance of being sent from the streaming service and advises Netflix has been blocked because of a problem with billing.
ATO email scam: Exploiting the well-established reputation of the government agency, the email scam tells the recipient the ATO is trying to contact them regarding an undisclosed matter.
Telstra phone scam: Man hit with more than $10,000 in charges after scammers opened 10 mobile accounts in his name without his permission or knowledge.
© Nine Digital Pty Ltd 2019