Alert Priority: Moderate
13 February 2017

You are advised to remain cautious in 2017 about fake emails that claim to be from reputable businesses. These emails are used to deliver viruses, ransomware and other malware.

Researchers recently warned people to be aware of fake emails claiming to be from Citibank and Qantas that aim to capture information such as passwords, contact information and bank account details.

Phishing emails have become more sophisticated and may include logos, disclaimers and other features from the legitimate business the message claims to be from. Many phishing emails have become hard to distinguish from legitimate emails.

The Australian Communications and Media Authority (ACMA) warned on its Facebook page that the fake Qantas emails offered rewards of cash and frequent flyer points for participating in a survey.

'These emails look almost identical to a real Qantas email—look for the subject line ‘Customer Satisfaction Survey, Earn up to 95 AUD Plus 1,000 bonus Qantas Points’,' ACMA stated.

The email asks the recipient to click on a link to fill out a survey form. The form is fake: the scammers aim to steal email and password details, contact information and bank account details.

'If you receive this scam email, delete it immediately,' ACMA warned.

Separately, researchers warned of a scam email purporting to be from Citibank that claimed the recipient's account had been ‘temporarily limited’ due to invalid login attempts.

The scam message directs users to a link to restore their account access.

The link opens a fake Citibank webpage that encourages users to hand over their usernames and passwords. Those who proceed are then asked to provide their date of birth and mobile phone number.

According to the researchers, the scammers planned to use these details to generate a ‘One Time PIN Authentication’ code that would be sent to the user's mobile phone. This mimicked a genuine account security measure used by Citibank.

If a user had entered that authentication code into the fake website, the scammers would have gained full access to the user's online account with Citibank.

Citibank reported that it was advised of the illegal website by a customer who reported the email as suspicious, and that it had the site removed within a few hours. Citibank also said no customer had been impacted or suffered a loss of funds as a result.

Staying safe 

Stay Smart Online recommends you do not open emails from unknown senders, and that you be wary of unexpected emails.

If a message looks suspicious and you are unsure whether it is legitimate, you can do the following before opening the message or providing any personal information:

  • Check by directly contacting the organisation, department or individual that it claims to come from, using a number you have independently located on a website, phonebook or bill.
  • Ask a coworker, friend or family member if the message looks suspicious or seems out of the ordinary.

Citibank provides advice about fake emails on its E-mail Fraud web page.

Reporting cybercrimes

If your computer has been compromised, you can report the incident through the Australian Cybercrime Online Reporting Network (ACORN) website.

ACORN also provides information on how to recognise and avoid common forms of cybercrime, such as hacking, online scams, online fraud, identity theft, attacks on computer systems and illegal or prohibited content, as well as offering advice to those who have fallen victim.

More information

For more information about protecting yourself from fraudulent emails, visit the Stay Smart Online website.

The information provided here is of a general nature. Everyone's circumstances are different. If you require specific advice you should contact your local technical support provider.