Scammers are targeting Commonwealth Bank (CBA) customers with convincing fraudulent emails designed to steal personal information, including financial details and sensitive personal data such as names, addresses, and passwords.
To prevent CBA customers from getting scammed, we're going to take a look at what is in this phishing email scam and what to do if a fraudulent email is spotted.
If you need support or just someone to talk to, our Sonder support team is available 24/7 to chat whenever you need it.
What is this CBA phishing email scam?
This specific phishing scam involves scammers sending out fake emails to unsuspecting CBA customers and warning them that their banking account access will be restricted unless they verify their personal details within the next 48 hours.
The email is a pretty convincing recreation of a real CBA email due to the use of legitimate-looking CBA imagery and language. There are instructions on what to do and a 'Click here to Verify' button that'll take customers to a fake phishing website designed to steal personal information.
While the CBA phishing email is pretty convincing, there are a number of signs that reveal it to be a fake:
The email address used is not a proper CBA address and is instead a bunch of nonsense.
The imagery used is usually low resolution and off-centre.
What to do if you spot this scam
If you've received a phishing email of any kind, the first thing to do is avoid opening it, and report it to firstname.lastname@example.org before deleting it directly from your inbox.
If you've accidentally clicked on a link in the phishing email, do not enter any information in the site you're directed to. If you've clicked on or saved a suspicious attachment, delete it immediately and run an anti-virus scan on your device.
It's important to note that CBA will never send its customers an email or SMS asking for banking information like a NetBank Client ID, password, or NetCode, or include a link to log in directly from an email or SMS.
If you've shared personal or financial details in response to the phishing email, you need to:
Contact CBA immediately to let them know what happened and ask what they can do to help.
Change the passwords for any online accounts that might be at risk. Make sure to enable two-factor authentication for an extra layer of security.
If you've shared personally sensitive information, such as your driver's licence, passport details, or contact details, visit IDCare for assistance on how to address potential identity theft.
File a report with the Australian Cyber Security Centre.
If you are ever unsure whether an email, message or phone call is legitimately from CBA, always message them through the CommBank app or visit a branch in person.
If you have any questions or need extra support, we're here to help you anytime in any language. Simply start a chat with us via the home screen of the Sonder app to connect to our team of qualified, caring health professionals.
Image credit: Commonwealth Bank via Facebook