Australian Internet users receive forged message from bank to submit their account number and password via Web page
Incident Date: March 2003
Incident Location: Australia
In March of 2003 Australian Internet users received an official looking email asking them to "reactivate" their Commonwealth Bank account by logging in to the commonwealthbank.com Web site. However, this Web site, while similar to the bank’s (actually at commbank.com.au), was created by criminals to trick customers into revealing their account number and password. The criminals then made attempts to remove money from the bank accounts of customers who responded to the request.
At least one attempt to notify the bank of the false email was brushed off by Commonwealth Bank staff. While the email contained several warning signs, such as poor grammar, it bore the bank’s legitimate logo. It was also customary for Bank customers to receive email communications from Commonwealth Bank.
Jeff Smith, a Commonwealth Bank customer, was duped by a similar email scam in January of 2003. Criminals transferred $4,000 from his account after obtaining his account number and password. Mr. Smith said the bank refunded his money.
Title: Internet banking passwords stolen
Author: Kirsty Needham
Publication: The Sydney Morning Herald
Publication Location: Sydney Australia
Publication URL: http://www.smh.com.au/articles/2003/03/18/1047749771323.html
Do you have additional information to contribute regarding this story? If so, please email firstname.lastname@example.org with the details and source.