Tuesday, 30 May 2017 10:55

Fake Westpac Phishing Email Points up Urgent Need for Banks to Cooperate with central 0800 Scam Alert

  • font size decrease font size decrease font size increase font size increase font size
  • Print
  • Email

Email followed on heels of major international flap


A scam email today is the latest in a concerted fakes sent out to Xtra users. The current one (see below) is filled with grammatical and spelling mistakes that reveal it as a fake.  It follows a similar email drop last week (see below) inviting recipients to access a fake Westpac site.

The barrage pin points the need for a central bank 0800 query pool on suspect emails. The email followed on the tail of the global WannaCry cyber attack and at a time when New Zealand households still remain plagued by phone-ins from bogus Microsoft “certified” technicians now seeking to take advantage of the enhanced fear of cyber implant disruptions.

The first bogus Westpac email reads:-
________________________________

Dear Westpac Customer,

New Successful Payment.
For more information about this payment please follow the link below:
https://westpac.co.nz/transaction

If you received this message in your SPAM/BULK folder, it is because of the restrictions imposed by your Mail/Internet Service Provider.

2017 Westpac New Zealand Limited.

________________________

The second and most recent fake email is rather more convincing being centred on account verification procedures. Its message:-

Dear Customer,

Account Update

Due to the recent upgrade of our servers, we have urged all our online banking users for possible verfication.

Kindly use our website below to verify your profile to avoid account termination.

http://www.westpac.co.nz

Thank you for choosing us

Westpac Bank New Zealand.
______________________________
A problem recipients encountered with these email mass-drops, is that they feature the inference when it landed in a Westpac customer in-box that it was specially targeted at them.

In the instance of the first email inquirers had to compete with phone-ins in the regular course of bank business, as well as those now alerted by the bogus email.

MSC Newswire has lodged an enquiry with Westpac seeking to discover the source of the bogus email as well as more details on its modus operandi.

The arrival of the second such bogus email points up the problem that the Australian trading banks have in coping with this problem.

The incidents point up the need for a cooperative banking rapid response enquiry centre for customers to obtain information about all doubtful emails.

Banks of course do not contact customers with emails. Only by traditional post. Or via a customer-prompted and subsequently verified phone call.

Aware of this the international email fraudsters seek nonetheless to entice a response, in this case by conjuring up the notion of an inward payment.

The banks are no strangers to cooperative efforts.

They have profited greatly by keeping their customers at an economic distance by electronic banking, thus reducing their premises overheads.

A small proportion of these savings should now be re-invested in a quick-response shared call centre dealing with bogus emails which are now demonstrably on the increase.