Fake Australian bank emails may lead to identity theft - SSO-AL2009-019

02 June 2009

Software and platforms affected

None.

What is the problem?

There has been a spike in fraudulent (phishing) emails targeting the customers of financial institutions. These emails include a fraudulent telephone number and attempt to mislead users into ringing the number and supplying personal financial information, such as bank account numbers, credit card numbers, PINs and passwords using the telephone key pad. Supplying the information has the potential to lead to fraudulent transactions involving your accounts.

The subject lines of the email include, but are not limited to:

Your Cashback Bonus Is Waiting For You
Card Reactivation
Important Information About Your Online-Account
Your card has been automatically enrolled
Important Warning: Rectify Your Online Banking Details Errors.
Your card has been automatically enroled in the MasterCard SecureCode
Service announcement.
You are eligible to receive a tax refund
Customer Satisfaction Survey
Maestro Card Online survey!
1 New Message
Important Information About Your Online-Acct
Member Satisfaction Survey
New Security Measures

The content of the emails all differ slightly but possess similar characteristics, that include, but are not limited to requests to:

call an Activation Centre telephone number

click on links to complete a survey

confirm your billing information

retrieve important information about your account, or

verify and confirm your email address.

The Australian telephone numbers within the email message include, but are not limited to:

02 6108 4654

07 3123 5996

07 3018 8670

08 7123 3018

02 8005 6713

What we recommend you do

If you receive an email similar to one of these, do not reply, click on the link in the email or call any telephone numbers in the email.

If you have already clicked on the link and responded to the request for information, the information you supplied such as your account number, username, password or credit card details have probably been captured by a criminal. You should change your password for this account immediately and contact your financial institution.

If you have called any of the fraudulent telephone numbers, please use the Australian White Pages to find the correct telephone for your bank and notify your bank immediately.

Where you can find more information

See the Stay Smart Online Fact Sheet: Protecting yourself from phishing attacks and the Department of Broadband, Communications and the Digital Economy's Phishing - Don't Take the Bait.

Disclaimer

This Alert has been prepared by AusCERT for the Department of Broadband, Communications and the Digital Economy.

The information is intended for used by home users and small to medium sized businesses and is general information only and not intended as advice and was accurate and up to date at the time of publishing. The material and information in this Alert is not adapted to any particular person's circumstances and therefore cannot be relied upon to be of assistance in any particular case. In any important matter, you should seek professional advice relevant to your own circumstances.

The Commonwealth, AusCERT, and all other persons associated with this Alert accept no responsibility or liability for information either included or referred to in the Alert. No responsibility or liability is accepted for any damage, loss or expense incurred as a result of the information contained in the Alert, whether by way of negligence or otherwise.

The listing of a person or organisation in any part of this site or Alert does not imply any form of endorsement by the Commonwealth of the products or services provided by that person or organisation. Similarly, links to other web sites have been inserted for your convenience and do not constitute endorsement of material at those sites, or any associated organisation, product or service.

Please note that material in this Alert, as the case may be, includes views or recommendations of third parties, which do not necessarily reflect the views of the Commonwealth, or indicate its commitment to particular course of action. Material on this site or in this Alert may also include information provided by third parties. The Commonwealth cannot verify the accuracy of information that has been provided by third parties.

		SEARCH
Home Advisories Alerts Newsletters Subscribe or Log In Visit Stay Smart Online	Larger text Smaller text You are here: Stay Smart Online Alert Service > Server applications > Fake Australian bank emails may lead to identity theft - SSO-AL2009-019 Fake Australian bank emails may lead to identity theft - SSO-AL2009-019 02 June 2009 Software and platforms affected None. What is the problem? There has been a spike in fraudulent (phishing) emails targeting the customers of financial institutions. These emails include a fraudulent telephone number and attempt to mislead users into ringing the number and supplying personal financial information, such as bank account numbers, credit card numbers, PINs and passwords using the telephone key pad. Supplying the information has the potential to lead to fraudulent transactions involving your accounts. The subject lines of the email include, but are not limited to: Your Cashback Bonus Is Waiting For You Card Reactivation Important Information About Your Online-Account Your card has been automatically enrolled Important Warning: Rectify Your Online Banking Details Errors. Your card has been automatically enroled in the MasterCard SecureCode Service announcement. You are eligible to receive a tax refund Customer Satisfaction Survey Maestro Card Online survey! 1 New Message Important Information About Your Online-Acct Member Satisfaction Survey New Security Measures The content of the emails all differ slightly but possess similar characteristics, that include, but are not limited to requests to: call an Activation Centre telephone number click on links to complete a survey confirm your billing information retrieve important information about your account, or verify and confirm your email address. The Australian telephone numbers within the email message include, but are not limited to: 02 6108 4654 07 3123 5996 07 3018 8670 08 7123 3018 02 8005 6713 What we recommend you do If you receive an email similar to one of these, do not reply, click on the link in the email or call any telephone numbers in the email. If you have already clicked on the link and responded to the request for information, the information you supplied such as your account number, username, password or credit card details have probably been captured by a criminal. You should change your password for this account immediately and contact your financial institution. If you have called any of the fraudulent telephone numbers, please use the Australian White Pages to find the correct telephone for your bank and notify your bank immediately. Where you can find more information See the Stay Smart Online Fact Sheet: Protecting yourself from phishing attacks and the Department of Broadband, Communications and the Digital Economy's Phishing - Don't Take the Bait. Disclaimer This Alert has been prepared by AusCERT for the Department of Broadband, Communications and the Digital Economy. The information is intended for used by home users and small to medium sized businesses and is general information only and not intended as advice and was accurate and up to date at the time of publishing. The material and information in this Alert is not adapted to any particular person's circumstances and therefore cannot be relied upon to be of assistance in any particular case. In any important matter, you should seek professional advice relevant to your own circumstances. The Commonwealth, AusCERT, and all other persons associated with this Alert accept no responsibility or liability for information either included or referred to in the Alert. No responsibility or liability is accepted for any damage, loss or expense incurred as a result of the information contained in the Alert, whether by way of negligence or otherwise. The listing of a person or organisation in any part of this site or Alert does not imply any form of endorsement by the Commonwealth of the products or services provided by that person or organisation. Similarly, links to other web sites have been inserted for your convenience and do not constitute endorsement of material at those sites, or any associated organisation, product or service. Please note that material in this Alert, as the case may be, includes views or recommendations of third parties, which do not necessarily reflect the views of the Commonwealth, or indicate its commitment to particular course of action. Material on this site or in this Alert may also include information provided by third parties. The Commonwealth cannot verify the accuracy of information that has been provided by third parties.
	Last Updated: 2009-06-02 Copyright \| Privacy \| Disclaimer