How to Pick Fraudulent Bank Emails & Protect your Credit Cards

Posted May 25th, 2009 and last modified July 22nd, 2014

Over the past month, a series of scam emails have been sent to Australian Commonwealth Bank customers requesting NetBank login details, credit card and debit card numbers.

Secure Sentinel

Protect yourself from loss, theft and identity crime

Safeguard your personal information from identity thieves. SecureIdentity by Secure Sentinel helps you protect confidential information to prevent your identity from being used for illegal activities.

Features of Secure Identity - with one single call you can:

  • Cancel any affected credit cards or other financial cards (including cover from the time they were lost to the time you notified them, until the time they notify your banks etc.
  • Arrange replacement cards
  • Place a temporary block on your mobile phone that is registered with Secure Identity
  • Help you with item details for a police claim or insurance claim
  • If you are eligible, you can even receive a cash advance of $1,000 AUD in the case of an emergency
  • Organise the safe return of any lost or stolen registered items that were recovered
  • Give you help and advice to get through the situation as smoothly as possible with the least amount of stress.

    These emails link out to fake clones of the Commonwealth Bank website designed to snap up the personal details of unsuspecting customers. Emails intended to scam personal details are also known as ‘phishing‘.

    For starters, no bank or financial provider will ever email you requesting any personal details. In light of the recent emails, a representative from the Commonwealth Bank has stated:

    Commonwealth Bank released a warning for their customers.

    What happens in these phishing emails?

    Below are screenshots demonstrating one of the recent NetBank phishing emails:

    The False URL Bar.

    • This is the what one of the email’s look like in your inbox. From this point, it looks fairly legit and ‘official’.
    • Below is what the email looks like when you open in it plain text. Most emails will automatically be opened in plain text by default.

    The Email in Plain

    • The first thing odd about the email is that the sender does not refer to the recipient as their full name, but rather their email address.
    • The second feature of the email is one which may fool even a savvy internet user. When you mouse over a link, it’s true destination is typically shown. However, because the email is opened in a plain format, it cannot register this.

      For example, this link says http://www.google.com but actually leads to the Credit Card Finder® homepage.

    • However in plain text, the URL preview will show what the text says, which as you can see, is the real netbank.commbank.com.au page.
    • See below for what the email looks like in Full HTML.

    The Email in HTML

    • If you open the email in HTML, you will see a much more ‘real’ looking email. However, if you mouse-over the URL link, you will see in the URL preview at the bottom of your internet browser that it leads to a bogus website.

    What happens if I click through to the fake website?

    • If you follow the link, you will be sent to a direct clone of the real NetBank page, where you would typically enter your Client Number and Password.
    • Once you enter your details, you’re redirected to a page where you are asked for your debit or credit card information for ‘further verification’.
    • Once you enter those details, you are redirected to the official NetBank login page.
    • At this point, the scammers now have your NetBank login details as well as your credit/debit numbers.

    False details were used to proceed through the steps.

    How do people fall for these e-mails?

    If people have never encountered or heard of phishing emails in the past, unfortunately some will learn the hard way from their mistakes.

    Fortunately, while it can be a violating and scary experience having your personal details and money stolen, if you inform your bank quickly, in most cases you will be hastily reimbursed for your losses.

    What happens if I’m positive that the email requesting some sort of private information is official?

    Ignore it. If it’s authentic and important, your bank will send you a letter or call you instead.

    How can I tell if the letter or call is real then?

    Similarly, no letter or call will ask for your personal details to prove your identity or anything along those lines.

    Banks rarely contact by phone out of the blue, they will generally only call in reply to a query, question or dispute.

    If for any reason you doubt the authenticity of the caller, provide a false answer to a security question as a precaution – if they approve of it, you will know it’s a fraud.

    More Resources

    Was this content helpful to you? No  Yes

    Ask a Question

    Disclaimer: At finder.com.au we provide factual information and general advice. Before you make any decision about a product read the Product Disclosure Statement and consider your own circumstances to decide whether it is appropriate for you.
    Rates and fees mentioned in comments are correct at the time of publication.
    By submitting this question you agree to receive follow up emails related to finder.com.au and to create a user account where further replies to your questions will be sent.

    One Response to How to Pick Fraudulent Bank Emails & Protect your Credit Cards

    Subscribe to our newsletter and get "The Ultimate Guide to Balance Transfers"

    If You Like This Post...

    Get all the latest deals, guides and tips in Finder's free bi-monthly email. Don't miss out - join the thousands who get it emailed!

    We Respect Your Privacy

    Credit Cards Comparison

    Interest rate (p.a.) Balance transfer rate (p.a.) Annual fee Cash advance rate (p.a.)
    Westpac 55 Day Platinum Card
    Westpac 55 Day Platinum Card
    Exclusive Offer to Credit Card Finder. 0% p.a. for 12 months on Purchases
    $0 annual fee with platinum benefits including a platinum concierge service, overseas travel insurance, extended warranty cover and purchase security cover.
    0% p.a. for 12 months (reverts to 19.95% p.a.) 3.99% p.a. for 6 months with 1% balance transfer fee $0 p.a. 21.49% p.a. Apply
    More
    ANZ Platinum Credit Card
    ANZ Platinum Credit Card
    No annual fee for the first year and a balance transfer offer. 19.74% p.a. 0% p.a. for 16 months $0 p.a. annual fee for the first year ($87 p.a. thereafter) 21.49% p.a. Apply
    More
    Coles No Annual Fee MasterCard
    Coles No Annual Fee MasterCard
    Enjoy a low interest rate plus a $0 annual fee. 17.99% p.a. 0% p.a. for 6 months $0 p.a. 17.99% p.a. Apply
    More
    HSBC Platinum Credit Card
    HSBC Platinum Credit Card
    Earn rewards points plus a balance transfer offer. Access to prestige services including a personal concierge service and VISA Platinum reward program. 19.99% p.a. 0% p.a. for 8 months $0 p.a. 21.99% p.a. Apply
    More

    * The credit card offers compared on this page are chosen from a range of credit cards CreditCardFinder.com.au has access to track details from and is not representative of all the products available in the market. Products are displayed in no particular order or ranking. The use of terms 'Best' and 'Top' are not product ratings and are subject to our disclaimer. You should consider seeking independent financial advice and consider your own personal financial circumstances when comparing cards.

    Ask a question
    feedback