Email con hits Commonwealth Bank

Email con hits Commonwealth Bank

By Mark Chillingworth

An email circulating Australia yesterday tried to gain the username and passwords of Commonwealth Bank customers who use the bank's NetBank service.

The email, which came from the genuine sounding address admins@commonwealthbank.com, was not targeted purely at Commonwealth Bank customers, although many customers of NetBank did receive the email.

"We have had several hundred customers alert us to this," said Paul Reay, a spokesperson with the bank.

The contents of the email told NetBank customers and recipients that they had to reactivate their accounts "due to a technical update". Adding; "Our new security system will help you to avoid frequently fraud transactions and to keep your investments in safety." Clients were then directed to click on a link to log in to an updated Netbank account; the link led them to a false, but professional looking Web page.

This link now links to a security warning from the Commonwealth Bank and the bank has been on an intensive media campaign to alert customers to the email.

Customers calling the Commonwealth Bank call centre were warned that at no time would the bank request a customer's client number and password at the same time.

The Australian Federal Police are now investigating following a similar attack to Melbourne IT.

Related Articles:

CBA archives moving house

CBA unifies storage on NetApp