A malicious operation that targets the financial institution's customers
Australian Internet users, particularly customers of Commonwealth Bank of Australia, are advised to be on the lookout for bogus notifications in which they’re informed that a security upgrade has been made to NetCode.“Your NetCode SMS authentication system has been disable for your protection. You are hereby advised to confirm your account information to enable us to activate your NetCode SMS authentication. To enable your account Click here,” the emails read.
Millersmiles.co.uk, the anti-phishing service that has identified the emails, has found that the links pointed to a Russian gaming site. Here, victims were redirected to another site.
At the time of writing, the owners had cleaned up the malicious element hosted on their website, so I’m not sure if the link pointed to a phishing page that requested victims to hand over their personal details, or to a malware-serving domain.
Whichever the case may be, it certainly wasn’t any legitimate Commonwealth Bank of Australia site.
Internauts are advised to beware of such emails since the cybercriminals have most likely moved to another domain to continue their malicious operation.