Sophisticated new online banking scam targeting Aussies by email

Those targeted are sent an email with the display name of 'ANZ', while the subject reads 'Successful BPAY Payment Advice'. Source: Getty.

Customers who bank with ANZ are being warned of an elaborate new email scam which could see criminals gain access to their online banking accounts.

The phishing scam has been designed to look exactly like an official ANZ communication, in a bid to trick unaware victims into willingly handing over their usernames and passwords, as well as the answers to their secret security questions, reports Nine News.

According to the news outlet, those targeted are sent an email with the display name of ‘ANZ’, while the subject reads ‘Successful BPAY Payment Advice’. The message claims that a user-requested BPAY payment has been successful, advising customers that $2,542.74 has been debited from their account.

The scam email – which was first discovered by email security firm MailGuard – also includes a link to view transaction history which, if clicked, then directs unsuspecting users to a fraudulent web page, which mirrors the official ANZ website. Customers are then asked to sign in using their username and password.

This is a screenshot of the fraudulent web page. Source: MailGuard.
This is a screenshot of the fraudulent web page. Source: MailGuard.

Once they have signed in, victims are redirected once again to another landing page, featuring ANZ logos and text, which suggests their account has been blocked, prompting them to provide the answers to three pre-set secret questions. These answers are then rejected as ‘incorrect’.

MailGuard published a statement online on Friday, warning Australian users about the phishing scam, adding that the purpose of it is to “harvest the login credentials of ANZ customers so the criminals behind this scam can break into their bank accounts”.

“By typing in your account number and password, you’re handing this sensitive account information to cybercriminals,” the statement read. “If you also tell the scammers details of your security questions and answers, it allows them to attempt other fraudulent actions, such as calling them back and trying to access your account.”

ANZ advises customers not to respond to emails which request personal information or security details. They also suggest changing passwords on a regular basis and keeping firewalls up to date. If you have received this email, report it to ANZ’s Internet Banking team on 13 33 50.

Have you ever fallen victim to a scam? Do you worry about scams?

Join the community that will get you through the hard times ahead.

Starts at 60 is the community you need when Covid-19 is changing life as we know it. We stick together, help each other, share information and have a whole lot of fun online.

Join for interactive online events, expert advice, timely news, great deals and community conversation.

Leave your comment

Please sign in to post a comment.
Retrieving conversation…
Stories that matter
Emails delivered daily
Sign up