According to Andrew Kent, the CEO of SpamTrap, the e-mails were sent out in the early hours of this morning. SpamTrap's honeypots collected samples of the fraud between the hours of 1.45am and 8.10am. Over 800 examples of the fraudulent e-mail were collected, more than twice the number collected during similar scams earlier this year.
Like the earlier scams, this e-mail utilised graphics from Westpac's Web page, as well as a fake link that purports to lead to the legitimate Westpac site but instead takes you to a fake site. However, unlike previous attempts where the fake address could be spotted by holding the cursor over the link and viewing the fake URL in the taskbar, this e-mail displayed the URL for the real Westpac site in the taskbar.
It achieved this having the link as the real URL followed by a large number of spaces written in HTML code, some random characters, an -@" symbol and the fake URL. The large number of spaces forced the second part of the address out of view on the taskbar. According to Kent, the -@" symbol causes the browser to ignore everything before it and jump straight to the URL after it.
-It's a hard thing for the banks to do anything about," Kent told ZDNet Australia. -Apart from user education there's very little you can do." Kent said that because the fraudulent e-mail is mass-mailed to a large number of addresses, an effective spam filter will prevent it. He said none of these scams had made it through SpamTraps defences, as they were registered as spam.
The latest scam also resembled the others in the use of poor grammar, such as -Our new security system will help you to avoid frequently fraud transactions and to keep your investments in safety" and -Due to technical update we recommend you to reactivate your account".
I did receive a "Fraudulent Westpac email
yesterday. I noted that people that had Spam Filters on their machines, did not receive them- not so! I have had a lot of Spam this year and I had Optus use their Spam Filter as they are my provider - this has been mostly successful as only a few slip through - Westpac was one of them. I did ring Westpac and inform them but they were a little "Ho Hum" about the matter and stated the obvious.