ANZ customers warned of elaborate new email scam
ANZ customers have been warned to be vigilant about an elaborate email scam impersonating the bank.
The email is disguised to appear as though it has been sent from an official ANZ email and tells customers that their online banking account “has been temporarily locked” due to an “unauthorised” transaction.
According to 9Finance, the message claims $300 had been paid to “Energy PRO Australia LTD” before providing a link to “regain access” to their account.
The link redirects customers to a phishing page mirroring the financial institution’s website and prompts them to fill out their banking data, including username, password and answers to secret questions.
After handing in their login details, customers are then faced with a page that simulates a blocked account scenario with three challenge questions to be answered. Once customers provide the answers, they are informed that their responses are incorrect.
“This sole purpose of this elaborate phishing scam is to harvest the login credentials of ANZ customers so the criminals behind this scam can break into their bank accounts,” said Akankasha Dewan, social media manager at web and email security company MailGuard.
“By typing in your account number and password, you’re handing this sensitive account information to cybercriminals.”
The email also attempts to appear more authentic by advising customers to contact the bank if they have any questions, with the official ANZ phone numbers provided in the message.
“If you have any questions about your account, please call us on 13 13 14 or International 61 3 8699 6943. We’re here to help.”
The bank advises that it will never send any email asking for account details or personal information. It also recommends looking out for signs of suspicious emails, including misspellings, poor grammar, failure to address the customer by name, strange email address, and patchy graphics or design.
This is the latest scam to affect the bank. In March, ANZ warned its customers of a scam looking to confirm their “challenge questions” to purportedly protect customers and improve banking security.