I saw this email in my spam box and with the titled ANZ: Account Alert it caught my attention. The main body read:
“Dear Customer,
Enter your Internet Banking logon details to upgrade to our new system technology for your maximum protection.”
What is wrong with it? First of all, check out the reply-to address: butoneday@centurytel.net. That’s should get the alarm bells ringing. Next, the blue links on the right, aren’t links at all. The only hyperlink is the blue Log on button in the middle.
Where does this link take you to? http://sheilashelovesyou.ch/img/ssl/But/c/login.html which displayed a login screen that is identical to the real anz website log in page.
First things first, don’t click on the link. If you do out of curiosity, don’t enter your ANZ credentials in! Report this to ANZ by emailing them at emailalert@anz.com and read this page: http://www.anz.co.nz/business/ways-bank/protect-banking/online-security-threats/
2 factor authentication should be a minimum. ie having some sort of device that provides you with a code that you use to compliment your log in process. Was that a hint ANZ?