The banking industry is increasingly becoming a favourite among cybercriminals. After intercepting multiple variations of an email scam spoofing NAB earlier today, MailGuard has now detected another phishing email scam purporting to be from Westpac.
Using a display name “Westpac Bank”, the emails are actually sent by what appears to be a compromised account. The message body is in plain-text, advising recipients that some unusual activity was noticed on their account. Their account has been temporarily locked and a link is provided to re-activate their account (see ‘westpac phishing email’).
Unsuspecting recipients who click on the link are led to a Westpac branded phishing page, asking for their account ID and password (see westpac 2).