Commonwealth Bank scam that Australians need to know about
Commonwealth Bank scam that Australians should be aware of
- New email scam targeting CommBank customers
- The message appears genuine at first glance
A Commonwealth Bank customer has pointed out an alarming new tactic scammers are using, copying the layout of real emails to the point where they are nearly undetectable.
Australians are getting smarter about scam messages full of spelling errors and suspicious-looking web links, but the fraudsters are also getting more and more pro-active, constantly trying new tactics to trick their victims.
A recipient of the new type of scam told journalist Jacqui Felgate that their parents were nearly tricked into handing over their bank details.
“We received an email from CommBank a few weeks ago telling us to update our personal information through the app,” the tipster said.
“We received a scam email today that is almost identical to the original.”
However, there are still a few subtle clues that customers can look for that will reveal when an email is likely a scam.
A Commonwealth Bank client has spoken out about a new type of scam doing the rounds
This fake email is very similar to the real one, but with a few minor differences, most notably the grammatical error in the first sentence
The real email contains a warning at the top that is missing from the fake version stating that CommBank will not ask for private information such as a customer ID or access code in an email or text message.
The real email also directs customers to log into NetBank or use their CommBank app to update their details, while the fake email includes a button directly in the email.
The button is a step up for the fraudsters by hiding an obviously incorrect web address, but a link in the email itself should set alarm bells ringing.
Customers can also click reply to see the address the email was sent from, which is usually very different from an official address.
Finally, while the spelling is an improvement over some of the scammers’ previous attempts, there’s a grammatical error in the first sentence, which is a surefire way to spot a fake.
A CommBank representative confirmed to Ms. Felgate that the email was fake
“This is not a genuine CommBank message – please remove and do not disclose personal banking information.”
The spokesperson said the email has been forwarded to the internal security team for investigation.
They also noted that customers can report scams to CommBank’s 24/7 Cyber Security Center by forwarding and emailing hoax@cba.com.au.
Then delete the email and don’t click any links, they said.
Anyone who has clicked on a suspected scam link should immediately call the bank to let them know so that the account can be locked.