Bendigo Bank warns customers about retro scams as cyber crooks step back in time
While nineties and naughties fashions are making a resurgence in popular culture, so too are some vintage scamming techniques, says Bendigo Bank. As we approach tax season, the Bank is alerting customers about a trend of scammers targeting customers asking recipients to open an attached HTML file to view important changes or to electronically sign a document.
“At this time of year, pre-tax time purchases are on the increase and email traffic peaks, so for criminals, the conditions are perfect for phishing,” said Head of Customer Protection, Jason Gordon.
“Phishing has been around since the mid-90s, and people have been warned about not opening suspicious attachments for many years. But attackers are continuously reinventing themselves,” Mr Gordon said.
“What’s new about these attacks is that they’re now using things like customisation, impersonation tactics and what are now viewed as uncommon file attachments, like HTML, to bypass spam filters and catch you in a time of peak activity,” he said.
A raft of recent scam reports to the Bank show emails malicious HTML attachments and Bendigo Bank images and branding, similar to other impersonation scams the Bank has previously warned customer about.
When clicked, the HTML file may open a fake bank log in webpage or form, from which the scammer can harvest personal and secure information to access devices remotely, harvest pins and logins, or even to gain trust of the victim.
“Do not click the link or open files in these emails. It’s important to treat any link or attachment you are sent as suspicious,” Mr Gordon said.
“Bendigo Bank will never send you a HTML file. Bendigo Bank will never ask you to login to Internet Banking via a link sent in an email,” he said.
“If you have received a suspicious email, please forward it to phishing@bendigoadelaide.com.au for investigation.”
Mr Gordon’s advice to customers who may have fallen victim to a bank impersonation scam is to visit www.bendigobank.com.au/security immediately to report it and get support.
“Scammers will act quickly to transfer your funds. Bendigo Bank attempts to recover funds lost to scams wherever possible, but it is extremely difficult to recover money that has been transferred to scammers,” Mr Gordon said.
Bendigo Bank recommends stopping scammers in their tracks by following Scamwatch’s advice:
- STOP – Don’t give money or personal information to anyone if unsure.
Scammers will offer to help you or ask you to verify who you are. They will pretend to be from organisations you know and trust like Services Australia, police, government, or a fraud service. - THINK – Ask yourself could the message or call be fake?
Never click a link in a message. Only contact us, businesses or government using contact information from their official website or through their secure apps. If you’re not sure, say no, hang up or delete. - PROTECT – Act quickly if something feels wrong.
If you notice unusual activity or if a scammer gets your money or information, visit www.bendigobank.com.au/security to report it and get support.