Latest phishing scams, how to level up your own security

Once again the phishing scammers that be are targeting Australian Netflix customers for another round of, ‘please click here and enter your credit card’. Two words: Don’t Click.

The golden rule when it comes to any email asking for you to click a link and enter personal details is: Don’t click on the link. Go directly to the website to check your account details.

But this can be hard to remember as the scammers, phishers and emails become more sophisticated and the brands they impersonate are notorious. We’ve compiled some recent phishing examples to help you level up your own security.

The Netflix Phish

As mentioned, one recent Netflix scam told customers it had trouble authorising payment and “to enter payment information again or use a different payment method”. One big red flag is, when you actually hover over that ‘netflix’ link a different URL pops up and it isn’t to Netflix’s site, rather an impersonation of it.  
The sender’s email is also a sign it’s not from Netflix. Again if you’re unsure just open up a separate browser and head on to Netflix independently and log in to check if all is good, then delete emails like these. And while you’re at it, update your password to something really weird and long.

Netflix.JPG

Westpac Scam

Westpac have a whole webpage devoted to their latest scams, which gives good general information, on what they will and will not ask you for. Like your password, they will never ever ask.

Mailguard reported on a recent Westpac ‘Security Alert’ email advising customers to verify account details. Then it asks you to click to ‘Verify Now’, which directs you to a page that actually looks like a real Westpac page:

westpac2.JPG

It’s scary good, the lengths these scammers have gone to. But before you event get to this well-branded Westpac mimic, there are some flags in the email, let’s dissect it:

westpac-(1).JPG

First, it’s not addressed to you, the customer, emails to you from a service you use, will generally have a Dear Your Name. Also, just like the Netflix scam, the URLs are all wrong and actually not Westpac’s, so even though they have all the branding on point, one gaze at the web address can tear down the whole façade.

Scamwatch warning signs

The ACCC run Scamwatch to help all Australians be more vigilant with their online safety, while we’ve touched on the types of warning signs through the Netflix and Westpac case studies, here they sum up the clear cut signs you’re getting scammed:
 
  • You receive an email, text or phone call claiming to be from a bank, telecommunications provider or other business you regularly deal with, asking you to update or verify your details.
  • The email or text message does not address you by your proper name, and may contain typing errors and grammatical mistakes.
  • The website address does not look like the address you usually use and is requesting details the legitimate site does not normally ask for.
  • You notice new icons on your computer screen, or your computer is not as fast as it normally is.

Always be cautious when opening emails – whether opening attachments or clicking links. Carefully review all links, sender details, look for grammatical errors that typically occur in hoax emails, and again exercise extreme caution when opening attachments.

Bottom line – be aware and if in doubt, throw it out! Get in touch with our team to learn how we can ensure online safety.