Warning! JavaScript is turned off or disabled! Some features on this website will not work.
Previous Next
»

Beware of "Westpac Bank Detected a Login Attempt from an Unrecognized Device" Phishing Email Scam

 +
Beware of "Westpac Bank Detected a Login Attempt from an Unrecognized Device" Phishing Email Scam

The Westpac bank phishing email message below, which claims that an attempt with a valid password was made from an unrecognized device, are being sent by cybercriminals to steal Westpac online users' login username and password. Therefore, Westpac customers who have received the same emails are asked not to follow the instructions in them, they should delete them instead.

Advertisements

The Westpac Bank Phishing Scam

Westpac [no-reply41356 @hlc1.westpac.com.au]


This is an automated message to notify you that we detected a login attempt with a valid password to your account from an unrecognized device yesterday @

Location: NICARAGUA, MANAGUA,IP=173.210.53.78 Latitude, Longitude: 42.26353, -75.2059 Connection through: TELEMATIX/ENITEL Local Time: 2013 08:29 PM (UTC -06:00) IDD Code: 505 Weather Station: MANAGUA (NUXX0004) Usage Type: ISP

Was this you? If so, you can disregard the rest of this email. If this wasn't you kindly follow the account review link:

http://login.westpac.com .au.ia-6804.serv-91. webhop.info/an/index .php?r=3965418253

Sincerely,
Westpac Bank Customer Care
2013 Westpac Financial Corporation. All Rights reserved
E-mail ID: 70409795

This email message claims that someone signed into the recipient's account from a particular location and the recipient should click the link within if they were not the one who signed in from that location. This is a trick to convince the recipient into clicking on the link, which will take him/her to a phishing or fake Westpac sign in or login page.

If the recipient enters his/her Westpac username and password on this bogus or fraudulent website, it will be sent to the scammers behind this fraudulent email message and website. With the recipient’s username and password, these scammers will be able to gain access to that person’s Westpac accounts.

For the link in the email address, if you look at it, you will notice that it ends with "login.westpac.com.au". Now, a lot of persons will look at this and think the link goes to the Westpac website located at http://westpac.com.au, but it does not. The link actually goes to the website "webhop.info".

What the scammers have done is to create subdomain names at the webhop.info website with the name "login.westpac.com.au". The subdomains are the names after the dots (".") in the website name, moving from the right to the left.

Here is an example:

If I create the subdomains "login.westpac.com.au" at onlinethreatalerts.com, this is how the website address would look:
http://login.westpac.com.au. onlinethreatalerts.com

Although the website has westpac.com in it, it does go there; instead, it will go to onlinethreatalerts.com. When looking at a domain or website name, always read it from right to left.

This type of subdomain creating is called "Domain Cloaking" and cybercriminals use this technique to trick persons into believing that they are on a legitimate website.

If you were tricked by this email message into clicking on the phishing link and have entered your Westpac username and password on the phishing web page, please change your Westpac password now or contact Westpac immediately.

Never click on a link to login or sign into any of your online accounts, instead, type the name of the website address into your web browser address bar. Once you are on the homepage of the website, you may navigate to the login or sign-in page.

Westpac bank says: "If you happen to get these emails in future did you know you can forward to hoax@westpac.com.au so our security team can investigate the origin and hopefully shut these fraudsters down."

Please share what you know or ask a question about this article by leaving a comment below. Also, check the comment section below for additional information, if there is any.

Remember to forward suspicious, malicious, or phishing email messages to us at the following email address: info@onlinethreatalerts.com

Also, report missing persons, scams, untrustworthy, or fraudulent websites to us. Tell us why you consider the websites untrustworthy or fraudulent.

If you want to quickly find answers to your questions, use our search engine.

Remember to help us, help you, by donating. 🎁Click here to donate

Advertisements
Comments, Questions and Reviews
(Total: 0)

To help protect your privacy, please do not post or remove, your full name, telephone number, email address, username, password, account number, credit card information, home address or other sensitive information in or from your comments, questions, or reviews. And, when you post a comment or review, we will use your IP address to display your approximate location to other users.

 Show More Comments (0)
Write Your Comment, Question or Review
Write your comment, question or review in the box below to share what you know or to get answers. Please revisit after an hour or more to view reponses or answers to you questions.

Your comment, question or review will be posted as an anonymous user because you are not signed in. Sign-in.