UPDATE: Fraudsters seek access to Netbank accounts

The Commonwealth Bank of Australia has revealed that some customers have been tricked into revealing their Netbank client number and password after receiving a spam mail claiming to be from the bank.

The message has the subject "Netbank Security Server Update" and asks recipients to reactivate their NetBank accounts. The HTML message grabs a genuine Commonwealth Bank graphic, but the hyperlink that purports to take the reader to the NetBank site actually points to a server identified only by an IP address.

Anyone viewing the message as plain text is unlikely to be fooled, but the default setting for many email programs is to show HTML messages fully-formatted. The IP address used by the bogus web site is apparently allocated to a Taiwanese telco, but the site itself has now been taken offline.

"If customers have received an email requesting personal information they should delete it. It is not from the Commonwealth Bank," read an advisory issued by the bank. The bank goes on to advise anyone who responded to the instructions in the fraudulent e-mail to change their password via the Netbank site, and check their account details.

The spam contains other clues that it is fraudulent, including awkward phrasing such as "to keep your investments in safety" and grammatical errors, for example, "Due to technical update we recommend you to reactivate your account".

"We are working closely with the relevant authorities to identify persons behind these attempts to defraud," said John Geurts, Head of Group Security in a statement.

The bank is assuring customers that the Netbank system is secure.

Melbourne IT customers have also been targeted by spammers seeking credit card details today. The spam uses a malformed URL to make it appear to be from Melbourne IT, and claiming the customers need to renew their domain or risk losing it.

The Web site users are taken to has nothing to do with Melbourne IT, and is not secure, despite an 'important security notice' on the site claiming it uses 128-bit SSL. Melbourne IT has issued a statement advising people to ensure that any site in which credit card details are entered is secure, which is denoted by a padlock symbol at the bottom of the browser.

Advertisement

Print feature brought to you by Adobe

Talkback 3 comments

    Members of a discussion group ...Jim Belshaw -- 18/03/03

    Members of a discussion group that I belong to have received similar requests purporting to come from Amazon and Ebay.

    If you beleive anything you ge ...Anonymous -- 18/03/03

    If you beleive anything you get as e-mail! You deserve the outcome. A fool and their money are soon parted...

    I had my Laptop stolen. Some ...Anonymous -- 02/02/05

    I had my Laptop stolen.
    Some person came through the back door (it was open) while I was in front of the TV and walked out with it.
    (I had fallen asleep due to some medication I had taken)
    I contacted the police and made a report.
    Of course I have my Commonwealth Bank details on the computer but not my p****word. Well it was there but not next to the word P****word.
    Iprimus (my ISP) told me if anyone dialled in, they would supply the phone number of the dial in point.
    Well who ever has it did give it go but not through Iprimus.
    The Commonwealth Bank site shut down due to too many unsuccessful attempts at supplying the correct p****word.
    I contacted the bank who told me there was nothing they could do.
    I told this guy, that is bull ****, and insisted he put me through to there IT department.
    I was put through to Group Security who said they could do nothing.
    Again I insisted that it would be fairly easy for them to trace the ISP.
    Finely I was told I should have the police fax them a request.
    3 days later, nothing.

    They are too lazy or just don't care.
    The police and the bank that is.

    I will let you know if anything

    Ron Hay

    PS:
    I contacted Telstra and asked if I supply the phone number of the dial in point would they give me the
    name and address of the dial in point?
    They told me they would NOT.
    (This is not the first time I have come up against a wall with Telstra. A guy ran into my car, he left his first name and phone number. When I rang it he just laughed at me and said find me. Again Telstra would not give me, or the Police his name)

Add your opinion

Latest Videos

Sponsored content

Power Centre - Content from our premier sponsors

Blogs

  • Suzanne Tindal IT: Govt's cost-cutting bitch
    The government needs to stop looking at IT as a necessary evil or the place to remove costs when the Treasurer comes calling.
  • Array Can complaints on mobile content be cut?
    On 1 July this year the new Mobile Premium Services Code was introduced. It sounds like it's had a good impact, but is it enough?
  • Array NZ farmers: Bleating about broadband
    As we know, farmers are such bleaters. They bleat as much as the four-legged woolly things in their paddocks. If it's not the weather, it's the strength of the dollar! Nothing is ever right. Likewise with rural broadband.
  • More blogs »

Tags

  1. 489 articles are tagged with 3g
  2. 41 articles are tagged with afact
  3. 83 articles are tagged with asic
  4. 141 articles are tagged with ato
  5. 1306 articles are tagged with broadband
  6. 14 articles are tagged with cenitex
  7. 670 articles are tagged with cio
  8. 253 articles are tagged with conroy
  9. 132 articles are tagged with contract
  10. 47 articles are tagged with david thodey
  11. 514 articles are tagged with dell
  12. 155 articles are tagged with exchange
  13. 152 articles are tagged with firewall
  14. 129 articles are tagged with fujitsu
  15. 53 articles are tagged with gnome
  16. 1033 articles are tagged with government
  17. 21 articles are tagged with hfc
  18. 790 articles are tagged with hp
  19. 1304 articles are tagged with ibm
  20. 222 articles are tagged with iinet
  21. 289 articles are tagged with isp
  22. 7 articles are tagged with jodee rich
  23. 13 articles are tagged with longhaus
  24. 35 articles are tagged with michael malone
  25. 1481 articles are tagged with microsoft
  26. 35 articles are tagged with mike quigley
  27. 51 articles are tagged with minchin
  28. 1127 articles are tagged with mobile
  29. 218 articles are tagged with national broadband network
  30. 395 articles are tagged with nbn
  31. 201 articles are tagged with new zealand
  32. 195 articles are tagged with nsw
  33. 61 articles are tagged with one.tel
  34. 929 articles are tagged with open source
  35. 884 articles are tagged with optus
  36. 20 articles are tagged with pipe networks
  37. 171 articles are tagged with queensland
  38. 2650 articles are tagged with security
  39. 53 articles are tagged with senate
  40. 69 articles are tagged with separation
  41. 9 articles are tagged with sp telemedia
  42. 176 articles are tagged with sydney
  43. 232 articles are tagged with telco
  44. 61 articles are tagged with telecom nz
  45. 2440 articles are tagged with telstra
  46. 138 articles are tagged with tender
  47. 25 articles are tagged with thodey
  48. 31 articles are tagged with tpg
  49. 176 articles are tagged with victoria
  50. 79 articles are tagged with wholesale

Back to top

Featured