28 May 2013

Email warns of security upgrade, but links to fake banking site

On 23 May 2013, antivirus vendor AVG issued a warning about the circulation of fake security notification emails pretending to originate from Westpac.

Like similar fake emails that have targeted Westpac, this example claims to be addressing security concerns over a “recent spate of fraud and identity theft”. It advises that a security upgrade is being undertaken and will be effective once customers login to their account.

The email includes a number of tell-tale errors that suggest it is a fake. In the image below, AVG has provided an overview of the errors which can help to identify it as a scam.

 incorrect capitalisation of Westpac in From field; Undiclosed recipients in To field; requirement to sign in to upgrate security; grammar and capitalisation errors in body of email; link to a non-Westpac URL.

Image credit: AVG

The fake banking website linked from this email looks similar to Westpac’s current online banking logon page.

Fake Westpac sign-in page showing non-Westpac URL

Don’t be fooled. This page is set up explicitly to capture your banking details.

Avoid phishing emails

Always be suspicious of unsolicited emails.

Do not click links or open attachments. The best advice is to simply delete the email.

If you are uncertain about an email you can always cross check the information by going independently to the company’s website or by calling the company directly.

Westpac hosts a list of examples of ghost sites/fake sites that mimic its online banking page.

Many reputable websites will specify how they will communicate with you on their website. Anything outside of this is suspicious. Westpac provides useful information about security on its website.

More information

AVGs blog post about the email, and a little more on its Facebook page too.

Stay Smart Online’s advice about phishing and advice about spam.

Information provided by AVG.

The information provided here is of a general nature. Everyone’s circumstances are different. If you require specific advice you should contact your local technical support provider.


Thank you to those subscribers who have provided feedback to our Alerts, Advisories and Newsletters. We are very interested in your feedback and where possible take on board your suggestions or requests.


This information has been prepared by Enex TestLab for the Department of Broadband, Communications and the Digital Economy ('the Department'). It was accurate and up to date at the time of publishing.

This information is general information only and is intended for use by private individuals and small to medium sized businesses. If you are concerned about a specific cyber security issue you should seek professional advice.

The Commonwealth, Enex TestLab, and all other persons associated with this advisory accept no liability for any damage, loss or expense incurred as a result of the provision of this information, whether by way of negligence or otherwise.

Nothing in this information (including the listing of a person or organisation or links to other web sites) should be taken as an endorsement of a particular product or service.

Please note that third party views or recommendations included in this information do not reflect the views of the Commonwealth, or indicate its commitment to a particular course of action. The Commonwealth also cannot verify the accuracy of any third party material included in this information.

Host of subscription service

TheCommonwealth has engaged Ladoo Pty Ltd tohost the Stay Smart Online Alert Service. All URL links should show the domain send.ladoo.com.au at hoverover. URL links related to the administration of the service ('View online', 'Update your profile preferences' and 'unsubscribe')should direct you to web pages hosted by Ladoo Pty Ltd.


Facebook: www.facebook.com/staysmartonline
Email: staysmartonline [at] dbcde.gov.au
Web:  www.staysmartonline.gov.au
You are receiving this message at the address robert.novelli [at] communications.gov.au.
Update your profile preferences
If you no longer wish to receive the SSO newsletter, you can unsubscribe.

© 2012 Australian Government. All rights reserved

Connect with Stay Smart Online