Beware: Online Banking Scam Targets Australia

Online scams are prolific nowadays, costing individuals, banks and the economy billions of dollars every year and causing damage to unsuspecting victims that can last for years.

Hundreds of thousands of people are only just beginning to recover from the global WannaCry or WannaCrypt ransom-ware attack, which targeted big companies and personal users around the world earlier this month.

But now, a new scam is targeting National Australia Bank online banking customers.

NAB online banking scam

The scam involves a fake email that informs recipients that their account has been disabled, before prompting them to click a link to reactivate their account and enter their password into a fake website.

The website, which to the untrained eye looks exactly like the NAB online banking portal, is in fact a fake carbon copy, cleverly designed to harvest account information and security password details.  This type of activity is known as a ‘phishing scam’, and attempts to steal information in order to make fraudulent financial transactions.

While NAB’s security team has worked around the clock to block emails sent to customers in the past few days and to have the fake website pulled down, there have been a number of casualties.

In the wake of the incident, the bank has stated publicly that it would never ask customers to confirm, update or disclose personal or banking information via email or text. In fact, most banks employ this policy.

A little over 12 months ago, ANZ and several other trusted Australian organisations were the victims of another online phishing scam targeting customers via SMS, which advised them to log on to their online banking. The link that was provided led to a fake website that captured their log-in details.

Cyber crime is on the rise

Fortunately, the big banks have invested heavily to bolster security and minimise the damage from such scams. Most also have policies which state they will fully reimburse customers who have fallen victim. But cyber crime is certainly on the rise.

Last year, Prime Minister Malcolm Turnbull announced a $230 million funding package designed to stop malware attacks and the theft of data and intellectual property through cyber espionage, with a particular focus on threat detection, technical analysis and forensic assessment.

Difficult to detect

While once upon a time it used to be just the elderly, the naïve and the un-tech saavy who were vulnerable to online fraud (remember the Nigerian Prince emails?), a recent study found that millennials – who are considered to be the most tech proficient generation yet – fall for tech support scams more often than older generations.

But how is it possible that millennials who grew up in the digital age are so susceptible?

The simple fact is that online scams have become more sophisticated, and as we spend more time online, interacting with a range of businesses, institutions, retailers and individuals, every transaction has the potential to put us at risk, across multiple tech platforms – desktops, laptops, tablets and phones.

The only way to protect ourselves is to remain vigilant: never give your personal details away to a person or business you cannot verify. Update passwords, virus software and security settings on your social media accounts regularly.  And if you have children who are spending time online, ensure they know basic cyber safety too.