Email fraudsters get tricky with ANZ scam
Online scammers continue to get more sophisticated.
The below email appeared in the inbox of an NBR staffer.
The fake message is lent an air of authenticity by its inclusion of an actual ANZ phone number, and the sensible security option to visit a local branch.
NBR ONLINE forwarded the scam email to NetSafe executive director Martin Cocker, who says as a rule, the banks never send you an unsolicited link to the login via email.
Of this specific scam, Mr Cocker comments.
"The give-away in this email is the login url which has a Mexican domain. If you follow that link you get to a legitimate looking login screen. When you enter your details, you then get diverted to the actual ANZ home page (www.anz.co.nz).
"To the user it looks like a simple failed login. Meanwhile the criminals bot will attempt to quickly login using the details you've just provided - and if it connects they will get to work relieving you of your money," he says.
"The use of NZ phone numbers is not unusual. It may simply be an IP phone number that diverts, or it could even be a legitimate phone number of the ANZ. It doesn't matter. They even handily advise you to to go to the branch and set up Internet Banking. They're just looking for the percentage of people who might enter their bank login details."