Previous    Next
Warning: JavaScript is turned off! Some features on this website will not work without it.

Westpac Bank Phishing Email Scam - Detected a login attempt from an unrecognized device

Westpac Bank Phishing Email Scam - Detected a login attempt from an unrecognized device

The Westpac bank phishing email message below, which claims that an attempt with a valid password was made from an unrecognized device, was designed to steal Westpac online users' login user name and password. This email message is a fake and was not sent by Westpac.

Please continue reading below.

The Westpac Bank Phishing Email Scam

Westpac [no-reply41356]
This is an automated message to notify you that we detected a login attempt with a valid password to your account from an unrecognized device yesterday @

Location: NICARAGUA, MANAGUA,IP= Latitude, Longitude: 42.26353, -75.2059 Connection through: TELEMATIX/ENITEL Local Time: 2013 08:29 PM (UTC -06:00) IDD Code: 505 Weather Station: MANAGUA (NUXX0004) Usage Type: ISP

Was this you? If so, you can disregard the rest of this email. If this wasn't you kindly follow the account review link: .au.ia-6804.serv-91. .php?r=3965418253

Westpac Bank Customer Care
2013 Westpac Financial Corporation. All Rights reserved
E-mail ID: 70409795

This email message claims that someone signed into the recipient's account from particular location and the recipient should click the link within if they were not the one who signed in from that location. This is a trick to convince the recipient into clicking on the link, which will take him/her to a phishing or fake Westpac sign in or login page.

If the recipient enters his/her Westpac username and password on this bogus or fraudulent website, it will be sent to the scammers behind this fraudulent email message and website. With the recipient’s username and password, these scammers will be able to gain access to that person’s Westpac accounts.

For the link in the email address, if you look at it, you will notice that it ends with "". Now, a lot of persons will look at this and think the link goes to the Westpac website located at, but it does not. The link actually goes to the website "".

What the scammers have done is to create subdomain names at the website with the name "". The subdomains are the names after the dots (".") in the website name, moving from the right to the left.

Here is an example:

If I create the subdomains "" at, this is how the website address would look:

Although the website has in it, it does go there; instead, it will go to When looking at a domain or website name, always read it from right to left.

This type of subdomain creating is called "Domain Cloaking" and cybercriminals use this technique to trick persons into believing that they are on a legitimate website.

If you were tricked by this email message into clicking on the phishing link and have entered your Westpac username and password on the phishing web page, please change your Westpac password now or contact Westpac immediately.

Never click on a link to login or sign into any of your online accounts, instead, type the name of the website address into your web browser address bar. Once you are on the homepage of the website, you may navigate to the login or sign-in page.

Westpac bank says: "If you happen to get these emails in future did you know you can forward to so our security team can investigate the origin and hopefully shut these fraudsters down."

Please share with us what you know or ask a question about this article, by leaving a comment below. And, forward malicious email messages to us using the following email address: .

Tell us if you LIKE this article by clicking the following thumbs-up, or click the thumbs-down if you dislike it:

       Rating - Thumb up          Rating - Thumb down 0   
Alert and help your family and friends by sharing this article with them:
Submit Your Comment or Question

Submit your comment or question in the box below to share what you know or to get answers about this article.

CommentComments or Questions (0)