Common Fish

0 SophosLabs, Spam
by

Today I came across a phish, nothing new there but it was targeted at one of Australia’s biggest banks, Commonwealth Bank.  The phish claims to be from the Commonwealth Bank, and looks like this

——————————————————————————————————————————–

Dear Member,

Your Online banking account has been locked

To Login, please click the link below:

http://www.xxxxxx.com/online/

——————————————————————————————————————————–

The link goes to a page which looks very much like Commonwealth Banks page. (with genuine links to “Netbank centre” and “Forgotten client number”).

This again highlights the need for users of Internet banking websites to be aware at all times, when accessing their accounts. Fraudulent emails like this one are on the rise and some simple steps can keep you safe. Some tips are:

1. Look at the sender information – This phish came from the sender

Commonwealth Bank of Australia<memberservice@commonweahtl.com>.

There is an obvious typo there in “@commonweahtl.com”.

2. Read up on your financial institution’s policy with regards to sending/requesting personal banking information.

3. Look at the links – This phish asks the user to log into their online bank account. I have purposely obfuscated the phishing link used in this blog post however it is clearly different from the link available directly from the real Commonwealth Bank website.

Some other samples seen are

——————————————————————————————————————————–

Dear Commonwealth Bank of Australia customer,

During our regularly scheduled account maintenance and verification procedures, we have detected a slight error in your billing information.

This might be due to either of the following reasons: 1. A recent change in your personal information ( i.e.change of address). 2. Submiting invalid information during the initial sign up process. 3. An inability to accurately verify your selected option of payment due to an internal error within our processors.

Please update and verify your information by folowing this link:

http://www.xxxxxx.com

If your account information is not updated within 48 hours then your ability to access your account will become restricted.

Thank you

© Commonwealth Bank of Australia 2009 ABN 48 123 123 12

——————————————————————————————————————————–

and

——————————————————————————————————————————-
 ——————————————————————————————————————————-
As always, be very careful and aware of where you send your personal information and do read up on your financial institution’s policy on personal banking.

Cheers

Free tools

Sophos Firewall Home Edition

Boost your home network security.

Sophos Scan & Clean

Free second-opinion scanner for PCs.

Sophos Cloud Optix

Monitor 25 cloud assets for free.