ANZ Bank targetted by phishing attack.


ANZ Bank, the Australia and New Zealand Banking Group Limited (ASX: ANZ, NZX: ANZ), commonly called ANZ, is the fourth largest bank in Australia. This bank has recently come under attack by a major phishing attempt. Genuine looking mails are being sent out and these mails even have the proper from and reply to headers.
This looks much more major than the usual spoofy phishing attacks.

This attack makes use of open smtp relay servers like centralfilms.net.

The malicious mails have links pointing to

http://anzspadeace.emenace.com/bankmainanz/bankmain/bankmain/bankmain.asp/cgi-bin/login.htm and
http://anzservicesonline9.emenace.com/bankmainanz/bankmain/bankmain/bankmain.asp/cgi-bin/login.htm

If you get any mail from ANZ (and you have a account with ANZ) do not click on or provide any information in there. Contact your bank immediately.

Sample phishing email:

Hello
As part of our security measures, we regularly monitor the activities in the Bank system. We have recently contacted you in response to a problem with your ANZ Bank account.

Information you have requested for the following reason:
Our system has detected unusual debits on a credit card associated with your Bank account.
File No: PP-1128-818-425
This is a last reminder asking you to log in to Bank account as soon as possible.

Please restore access to your account.
Please do not reply to this email. Emails sent to this address can not be answered.
Copyright © 2010 ANZ Banking Corporation ABN 33 007 457 141

ANZ has a contact us on their website where you can report such suspicious emails:

http://www.anz.com/common/forms/aus-online-enquiry/default.asp?intid=71

Written on March 12, 2010