New email banking scam one of the most convincing yet

NAB customers need to be on the lookout for a sophisticated and extremely convincing new email scam.

The 'phishing' scam has been detected by cyber-security company Proofpoint but, at the time of writing, doesn't yet appear on the NAB fraud warnings site. 

Most phishing scams, emails sent to fool bank customers into divulging sensitive information, are straightforward to detect by filtering algorithms or even by simple inspection; this scam is said to go further than usual.

How to identify the scam:

1. A very real-looking NAB email is sent to Australians about an account suspension. The attacker replaced the letter 'o' in 'verification' with a circle-like character so that spam filters keyed on the word would not match it, while a reader would not notice the difference.


2. Unsuspecting customers open the attachment and click on the link, which is a very real-looking URL, the same as the genuine one:


The HTML source code even says it would hyperlink to the legitimate

3. The user is then shown a page that looks like the NAB login page. The URL also appears legitimate, with the same address (one of the reasons you can't tell it's a phishing attempt); according to Proofpoint this is because the HTML document calls an external JavaScript file that changes the text shown in the address bar. Browsers are designed not to let page script rewrite the domain in the address bar, so an address that looks right is no guarantee either way: the safe habit is to type the bank's address yourself rather than follow a link from an email.


Phishing kits use a variety of encodings and JavaScript to stop both users and security vendors from seeing that the landing pages are anything other than harmless text or routine HTML-rendering functions. This is known as obfuscation, and it is becoming more common in these attacks.

4. The phish does not stop at login credentials. Once the user provides a username and password, they are redirected to an additional fraudulent page designed to squeeze more information out of the victim.


5. The user completes this page and clicks Continue, and is redirected to the legitimate National Australia Bank website. The user is none the wiser until it's too late.

The attacker gets: bank login information, personal and contact details, credit card details, and more. 
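As an added example (not code from the article, from NAB or from Proofpoint), the Python script below applies the three checks a mail filter or a triage analyst would want for the indicators described in steps 1 to 3: a look-alike character hidden inside a keyword, a link whose visible text names a different host from its real destination, and a landing page that only reveals its login form after decoding. The email body, the landing page, the keyword list, the stand-in character (U+25CB, since the article does not say which "circle" was used) and the hostnames (reserved .example domains) are all constructed for illustration.

```python
import base64
import re
import unicodedata
from html.parser import HTMLParser
from urllib.parse import unquote, urlparse

# Constructed email body, not from the real campaign.  The 'o' in
# "verification" is replaced by U+25CB (an assumed stand-in for the article's
# "circle"); the link text names one host, the href goes to another.
SAMPLE_EMAIL = (
    "<p>Your account has been suspended. Complete the verificati\u25cbn "
    "form to restore access.</p>"
    '<a href="http://bank-verify.example/login">https://bank.example/</a>'
)

# Constructed landing page: the form exists only inside a percent-encoded
# string that document.write() expands at render time.
SAMPLE_LANDING = (
    '<html><head><script src="http://cdn-static.example/a.js"></script>'
    '</head><body><script>document.write(unescape("'
    "%3Cform%20action%3D%22http%3A%2F%2Fbank-verify.example%2Fpost%22%3E"
    "%3Cinput%20name%3D%22user%22%3E"
    "%3Cinput%20type%3D%22password%22%20name%3D%22pw%22%3E%3C%2Fform%3E"
    '"))</script></body></html>'
)

KEYWORDS = ("verification", "suspended", "password")  # assumed filter list


def _words(text):
    """Lower-cased tokens with edge punctuation removed.  NFKC first: it folds
    fullwidth or stylised letters back to ASCII, so a non-ASCII character
    that survives is a genuine substitution, not a font variant."""
    text = unicodedata.normalize("NFKC", text).lower()
    return [w.strip(".,;:!?()") for w in text.split()]


def mixed_script_words(text):
    """Tokens that mix ASCII letters with non-ASCII characters."""
    return [w for w in _words(text)
            if any(c.isascii() and c.isalpha() for c in w)
            and any(not c.isascii() for c in w)]


def keyword_hits(text):
    """Keyword filter that treats each non-ASCII character as a wildcard, so
    'verificati\u25cbn' still matches 'verification' where a literal
    substring match would not."""
    hits = set()
    for w in _words(text):
        pattern = "".join(re.escape(c) if c.isascii() else "." for c in w)
        hits.update(k for k in KEYWORDS if re.fullmatch(pattern, k))
    return sorted(hits)


class _Anchors(HTMLParser):
    """Collects (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href", ""), []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


URL_LIKE = re.compile(r"(https?://)?[\w.-]+\.[a-z]{2,}(/\S*)?", re.I)


def deceptive_links(html):
    """(visible text, real href) for anchors whose text looks like a URL but
    names a different host from the one the href actually goes to."""
    parser = _Anchors()
    parser.feed(html)
    bad = []
    for href, text in parser.links:
        if URL_LIKE.fullmatch(text):
            shown = urlparse(text if "://" in text else "//" + text).hostname
            if shown and urlparse(href).hostname not in (None, shown):
                bad.append((text, href))
    return bad


def _maybe_base64(s):
    """Strict base64 decode; returns '' for anything that is not base64."""
    try:
        return base64.b64decode(s, validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return ""


def hidden_login_forms(html):
    """External scripts the page loads, and the action URL of each form with
    a password field found once percent-encoding or base64 in a string
    literal is undone."""
    external = re.findall(r'<script[^>]*\ssrc="([^"]+)"', html, re.I)
    actions = []
    for literal in re.findall(r'"([^"]+)"', html):
        for decoded in (unquote(literal), _maybe_base64(literal)):
            if re.search(r'type="password"', decoded, re.I):
                action = re.search(r'action="([^"]+)"', decoded, re.I)
                actions.append(action.group(1) if action else "")
                break
    return external, actions
```

The literal string 'verification' never appears in the sample email, so a filter matching on that word fails while keyword_hits, which turns the substituted character into a wildcard, still fires. Likewise a plain text scan of the landing page finds no password field; hidden_login_forms only finds it after undoing the percent-encoding, and it also reports where the decoded form posts and which external script the page pulls in. Base64 is decoded with validation so ordinary attribute values are not mistaken for encoded payloads.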

"Australian companies spend millions of dollars annually training their employees to spot phishing attempts," Proofpoint's Managing Director, Tim Bentley, said.

"While this is a sensible precaution, the new breed of attacks like this fake NAB one makes it increasingly hard for the recipient to make the right call and hit delete or report."

A German university study recently found that 56 per cent of email recipients clicked on links they received, even from strangers, out of curiosity, even when they knew the dangers.
