Fraudulent Westpac e-mail tries to con customers

According to Andrew Kent, the CEO of SpamTrap, the e-mails were sent out in the early hours of this morning. SpamTrap’s honeypots collected samples of the fraud between the hours of 1.45am and 8.10am. Over 800 examples of the fraudulent e-mail were collected, more than twice the number collected during similar scams earlier this year.

Like the earlier scams, this e-mail utilised graphics from Westpac’s Web page, as well as a fake link that purports to lead to the legitimate Westpac site but instead takes you to a fake site. However, unlike previous attempts where the fake address could be spotted by holding the cursor over the link and viewing the fake URL in the taskbar, this e-mail displayed the URL for the real Westpac site in the taskbar.

It achieved this having the link as the real URL followed by a large number of spaces written in HTML code, some random characters, an “@” symbol and the fake URL. The large number of spaces forced the second part of the address out of view on the taskbar. According to Kent, the “@” symbol causes the browser to ignore everything before it and jump straight to the URL after it.

“It’s a hard thing for the banks to do anything about,” Kent told ZDNet Australia. “Apart from user education there’s very little you can do.” Kent said that because the fraudulent e-mail is mass-mailed to a large number of addresses, an effective spam filter will prevent it. He said none of these scams had made it through SpamTraps defences, as they were registered as spam.

The latest scam also resembled the others in the use of poor grammar, such as “Our new security system will help you to avoid frequently fraud transactions and to keep your investments in safety” and “Due to technical update we recommend you to reactivate your account”.

• Related stories

• Alerts

Add your opinion

1. I did receive a "Fraudulent Westpac email yesterday. I noted that people that had Spam Filters on their machines, did not receive them- not so! I have had a lot of Spam this year and I had Optus use their Spam Filter as they are my provi Anonymous -- 04/05/04

   I did receive a "Fraudulent Westpac email
   yesterday. I noted that people that had Spam Filters on their machines, did not receive them- not so! I have had a lot of Spam this year and I had Optus use their Spam Filter as they are my provider - this has been mostly successful as only a few slip through - Westpac was one of them. I did ring Westpac and inform them but they were a little "Ho Hum" about the matter and stated the obvious.

   • Reply to comment
   • Reply to story
   • Report offensive content

   1. Westpac Anonymous -- 14/06/07

      The spam has arrived several times. Westpac don't indicate an email number where one can report this. Anyone know one?

      • Reply to comment
      • Report offensive content

• Just In

• Most Popular

• Most Discussed

Reader Services

Popular Topics

Essentials