Online banking SMS scam snares victims with fake websites

A scam ANZ Internet Banking web page looks identical to the real thing.

It looks identical to your bank's online portal. But don't be fooled.

A prolific SMS phishing scam is catching victims by directing them to fake websites that look identical to those of real Australian banks and then capturing their private banking login details.

Potential victims are sent a short text message with a link that appears to be from a genuine banking institution but instead redirects to the fake website.

The real ANZ Internet Banking site.

A sample image provided by Australia's communications watchdog shows just how sophisticated the scam is. It's almost impossible to tell the real ANZ Internet Banking mobile page apart from the scam one. The only difference is the URL, but even this could be easily overlooked or mistaken for a genuine website by unsuspecting victims.

It has two fields which ask for a Customer Registration Number and a Password, with a Log on button below.

The Australian Communications and Media Authority has listed dozens of fake URLs, many of which are similar to those of genuine online banking sites but with added words or letters such as "mobile", "m" or "mobi".
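
The URL pattern described above can be checked mechanically. The following is an added example, not code from the ACMA or the article: it pulls links out of SMS text and flags hosts that carry a bank's brand name, with or without the added "mobile", "m" or "mobi", but are not on the bank's list of genuine hosts. The bank name, hostnames and messages are constructed placeholders on reserved test domains.

```python
import re
from urllib.parse import urlsplit

# Constructed placeholders: a hypothetical bank and its genuine hosts.
GENUINE_HOSTS = {"examplebank.example", "www.examplebank.example"}
BRANDS = {"examplebank"}
# Additions the article says the fake URLs carry.
ADDED_TOKENS = {"mobile", "mobi", "m"}

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def classify_host(host):
    """Return (verdict, added_tokens) for one hostname."""
    host = host.lower().rstrip(".")
    if host in GENUINE_HOSTS:
        return ("genuine", [])
    # Break the host into pieces on dots and hyphens.
    parts = re.split(r"[.\-]", host)
    for brand in BRANDS:
        if any(brand in p for p in parts):
            # Brand appears, but the host is not one the bank uses.
            leftovers = [p.replace(brand, "", 1) for p in parts]
            added = sorted(x for x in set(leftovers) if x in ADDED_TOKENS)
            return ("lookalike", added)
    return ("unrelated", [])


def scan_sms(text):
    """Classify the host of every link found in one SMS body."""
    findings = []
    for url in URL_RE.findall(text):
        host = (urlsplit(url).hostname or "").rstrip(".")
        verdict, added = classify_host(host)
        findings.append((host, verdict, added))
    return findings


# Constructed sample messages (not real scam texts).
SAMPLE_SMS = [
    "ExampleBank: account locked. Verify at http://examplebankmobi.test/logon",
    "ExampleBank alert: review activity https://m-examplebank.test/ib",
    "Your statement is ready: https://www.examplebank.example/statements",
]

if __name__ == "__main__":
    for sms in SAMPLE_SMS:
        print(scan_sms(sms))
```
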

The authority issued an alert on Wednesday for "all mobile phone users" in both Australia and New Zealand.

The banks that are known to have been targeted in the scam are ANZ, Bank of Queensland, Bendigo, GE Money, Heritage, Macquarie, National Australia Bank, St George and Suncorp. The ACMA said the scammers were progressively targeting different banks.

"It appears that the criminals behind this campaign are constantly refining their messages and the associated fake imitation banking websites to increase their chance of success," it said.

The watchdog became aware of the scam after numerous victims reported it via the ACMA's SMS spam reporting number. Anyone who thinks they have been sent a scam text message can notify the ACMA on 0429 999 888.

Customers who are concerned they may have clicked on a spam link or entered their login credentials at a fake site are advised to contact their bank immediately. Victims are also encouraged to report incidents via the federal government's Australian Cybercrime Online Reporting Network.

Useful tips to help stay protected

To help minimise your chances of being duped by these and other phishing campaigns, we recommend that you:  

  • don't open SMS or emails from unknown or suspicious sources
  • never follow hyperlinks contained in these messages
  • always carefully check the authenticity of a website that requests your user credentials
  • never reuse the same login credentials on any web service
  • where available, use two-factor authentication on your accounts.

We encourage all Australian consumers to forward any suspicious or spam-related SMS messages to our hotline on 0429 999 888.

Source: ACMA.

48 comments so far

  • So why can't the Australian Police, FBI, Interpol, CIA find the people who run this scam and throw them in jail ?? Surely the money they scam goes some place, can't they just follow the money. And what does the advice never use the same log in twice on any web service mean, change your password every time you do online banking?

    Commenter
    Darryl56
    Location
    Brisbane
    Date and time
    February 10, 2016, 3:33PM
    • They are probably from overseas, that's why they can't catch or prosecute them

      Commenter
      C
      Date and time
      February 10, 2016, 5:21PM
    • Hi Darryl,

      I think they mean don't use the same password for everything. Tricky to remember loads of passwords? Yep. I've got a system where the first 9 or 10 characters are the same, and the last three letters identify the website - eg. abcd1234ANZ, or abcd1234FBK

      Seems to work most of the time for the important logins online...

      Commenter
      Dave
      Date and time
      February 10, 2016, 5:28PM
    • The city of Râmnicu Vâlcea in Romania, a.k.a. "Hackerville", is well known for this kind of activity. It’s not a case of finding them; it’s being able to prosecute the offenders, which is very difficult to do when the local community itself gets an economic benefit from the hacking.

      Commenter
      Real DC
      Location
      Melbourne
      Date and time
      February 10, 2016, 6:03PM
    • Darryl56. The people who run these scams are professional criminals. They use VPNs and bots so their real origin is almost impossible to track. They use banks in jurisdictions such as the Cayman Islands which are, again, almost impossible to penetrate. As to the web service advice, I am as confused as you are. In general though, always type in your web address when accessing any secure site, don't copy and paste. I have recently had the sms's, the emails and the phone calls from scammers. The sms's I just delete, the emails I bounce (have a look at a product called mailwasher) and the phone calls I just play along until they get bored. Cheers. Les

      Commenter
      Les
      Location
      Fitzroy
      Date and time
      February 10, 2016, 6:07PM
    • Major western governments need to threaten to cease trading with countries like Nigeria and Romania, unless their governments successfully rein in these cybercriminals.

      Commenter
      Gatsby
      Date and time
      February 10, 2016, 7:11PM
    • @Gatsby

      But we're "open for business" and we love "free trade" without government restrictions!

      Commenter
      retired@33
      Date and time
      February 10, 2016, 8:23PM
    • Gatsby, it would be the financial equivalent of an international naval force patrolling the waters off the Horn Of Africa to rein in the Somali pirates. Not that the Somali government could do that at the time, of course; but Nigeria and Romania are not in the same "basket case" category.

      It would take time, but it would work.

      Commenter
      Gnatter
      Date and time
      February 10, 2016, 9:23PM
    • Dave, using a code at the end of the same password is not more secure. I can guess your cba password easily or your google password. You need to use different passwords for different sites so that when a site is compromised and they see your password it can not be used for another site. Adding an obvious code to the end is, well, obvious.

      Commenter
      screen name (required)
      Location
      Location (optional)
      Date and time
      February 10, 2016, 9:59PM
    • Bring back public floggings. They will soon get the message.

      Commenter
      Get tough
      Date and time
      February 11, 2016, 10:18AM
