A new round of phishing emails purporting to come from Westpac has hit Australian inboxes as the bank works to restore its systems after a major outage.
The phishing campaign, identified by email filtering company MailGuard, comes a week after an earlier phishing campaign, which claimed that recipients' Westpac accounts had been locked, attempted to get users' details via a dodgy link.
The link in the earlier scam took victims to a replica of the Westpac banking website, hosted on the unrelated domain of a Tanzanian guesthouse, which MailGuard said was likely compromised in an earlier cyber hack.
Now, the bank is again being imitated, according to MailGuard, with another email designed to steal account login information by posing as the bank and telling recipients that their accounts have been blocked.
Like the earlier campaign, the new scam uses a realistic clone of the real Westpac online banking page to harvest account access details, and asks recipients to click on a link to regain access.
“The link takes victims to a replica of the real Westpac online banking website – designed to steal people’s account log-in details. It’s hosted on the compromised site of a Napa Valley wine tour operator,” MailGuard said in a blog post.
“The email contains an image rather than text, possibly to avoid detection by software set up to block suspicious phrases.
“The sending address varies, but in each case includes the domain @emailwestpac.com.au. The emails have been sent from a range of compromised servers,” the company said.
The new round of Westpac-themed phishing emails comes as the bank struggles to restore systems following an outage that hit some online services early on 11 June, resulting in customers being locked out of online and mobile banking systems.
"@Westpac is your online system cooked rn? I can't log in to either web or android app, I get asked to confirm email then booted off. thanks" — Ben Bligh (@peregrinari7), June 13, 2017
On 13 June - more than 48 hours after the outage - Westpac was still fielding queries on social media from customers claiming to be experiencing trouble logging into online services.
“We have had an issue with online banking whereby some customers were unable to view their account details in Westpac Live,” a spokesperson for the bank said on 13 June. “While we have resolved the issue for many customers, we are aware that a limited number of people are still having issues logging in.”
This post was then updated on the same evening, with the bank claiming to have finally resolved the issue.
"Hi everyone, thanks so much for the patience of those affected by recent issues," a social media statement read. "The issue has been corrected for affected Mobile and Online Banking customers.
"If you are having problems logging in please call us on 13 20 32, or direct message us, so we can look into your situation. Again, our sincere apologies."
It should be noted that there appears to be no evidence to suggest the fresh phishing campaign is in any way linked or related to Westpac's system outage.