Call a Commonwealth phish?

Recently we have seen a surge in phishes targeting Commonwealth Bank of Australia. Following on from last week (2), today we have seen a ‘phone phish’.

The phone number listed is a valid Australian number which can be dialed.

Once dialed, there is a automatic pre-recored message, which requests you to enter your details.

I called up the number and this is how the conversation went:

——————————————————————–

“Welcome to Commonwealth Bank, Our records indicate that your account is restricted. Please wait on the line to activate your account.”

“Please enter your card number, followed by the pound sign”

<< Enter fake card number, needs to be 16 digits >>

“Please enter your card expiration date followed by the pound sign”

<< Enter fake expiry date, needs to be 4 digits >>

“To protect your security and privacy, please enter your pin, associated with your card, followed by the pound sign”

<< Enter fake pin, needs to be 6 digits >>

“Please wait while we activate your card”

“Congratulations, you have successfully activated your card. Thank you for banking with Commonwealth bank. Have a nice day.

——————————————————————–

Another phish to watch out for.