Fake Westpac email

Discussion in 'NZ Computing' started by Michael Daly, Nov 2, 2003.

  1. Michael Daly

    Michael Daly Guest

    This morning I got this from

    ------------------------------------------------------------------------------------------------------
    Dear Westpac Bank Member,

    This email was sent by the Westpac server to verify your e-mail
    address. You must complete this process by clicking on the link
    below and entering in the small window your Westpac Banking
    Customer ID and Password.
    This is done for your protection --- because some of
    our members no longer have access to their email addresses and
    we must verify it.

    To verify your e-mail address and access your bank account,
    click on the link below. If nothing happens when you click on
    the link, copy and paste the link into the address bar of your
    web browser.

    ---------------------------------------------------------------------------------------------------

    Only problem is that:
    a) I wasn't born yesterday
    b) I'm not a Westpac customer
    c) Westpac's address is 'westpac.co.nz', not 'westpac.com.nz'



    Michael Daly
    http://crash.ihug.co.nz/~mikedaly
    Michael Daly, Nov 2, 2003
    #1
    1. Advertising

  2. Michael Daly

    AD. Guest

    On Mon, 03 Nov 2003 09:32:08 +1300, Michael Daly wrote:

    > This morning I got this from
    >
    > ------------------------------------------------------------------------------------------------------
    > Dear Westpac Bank Member,
    >
    > This email was sent by the Westpac server to verify your e-mail address.
    > You must complete this process by clicking on the link below and entering
    > in the small window your Westpac Banking Customer ID and Password.
    > This is done for your protection --- because some of our members no longer
    > have access to their email addresses and we must verify it.
    >
    > To verify your e-mail address and access your bank account, click on the
    > link below. If nothing happens when you click on the link, copy and paste
    > the link into the address bar of your web browser.
    >
    > ---------------------------------------------------------------------------------------------------
    >
    > Only problem is that:
    > a) I wasn't born yesterday
    > b) I'm not a Westpac customer
    > c) Westpac's address is 'westpac.co.nz', not 'westpac.com.nz'


    I got the same thing - I'm not a Westpac customer either.

    I tried to notify them with the email form on their website, but it keeps
    crashing. It even took a few attempts to even get the page loaded.

    I won't list the error in case some PHB tries to sue me for spreading
    vulnerabilities or something, but it's a mind bogglingly silly one.

    Cheers
    Anton
    AD., Nov 2, 2003
    #2
    1. Advertising

  3. Michael Daly

    Chris Mayhew Guest

    Chris Mayhew, Nov 2, 2003
    #3
  4. Michael Daly

    Michael Daly Guest

    Chris Mayhew <> wrote:

    >Michael Daly <*del*> wrote in
    >news::
    >
    >
    >> Michael Daly
    >> http://crash.ihug.co.nz/~mikedaly

    >
    >Did you phone up westpac ? I'm sure they would like to know about it.


    I just sent the whole thing (including header info) to their
    email address via their web site.
    Also sent to IHUG as I reckon that their anti-spam service
    should have blocked this.


    Michael Daly
    http://crash.ihug.co.nz/~mikedaly
    Michael Daly, Nov 2, 2003
    #4
  5. It's very similar to the eBay and PayPal scams that have been doing the
    rounds fairly recently.

    I reckon the scammers are pretty stupid sending it to even non-Westpac
    customers. Mind you, there are probably some people silly enough to fall for
    it even if they don't bank with Westpac!

    The westpac.com.nz address is an absolute giveaway that it's a fake. But I
    guess some people without much Internet savvy wouldn't pick up on that.
    Indeed, they haven't really drawn attention to this on news reports that
    I've heard.

    Best Regards

    ROWAN M.
    WriteWord Translations, Nov 2, 2003
    #5
  6. Michael Daly

    ~misfit~ Guest

    AD. wrote:
    > On Mon, 03 Nov 2003 09:32:08 +1300, Michael Daly wrote:
    >
    >> This morning I got this from
    >>
    >> -------------------------------------------------------------------------

    -----------------------------
    >> Dear Westpac Bank Member,
    >>
    >> This email was sent by the Westpac server to verify your e-mail
    >> address. You must complete this process by clicking on the link
    >> below and entering in the small window your Westpac Banking Customer
    >> ID and Password.
    >> This is done for your protection --- because some of our members no
    >> longer have access to their email addresses and we must verify it.
    >>
    >> To verify your e-mail address and access your bank account, click on
    >> the link below. If nothing happens when you click on the link, copy
    >> and paste the link into the address bar of your web browser.
    >>
    >> -------------------------------------------------------------------------

    --------------------------
    >>
    >> Only problem is that:
    >> a) I wasn't born yesterday
    >> b) I'm not a Westpac customer
    >> c) Westpac's address is 'westpac.co.nz', not 'westpac.com.nz'

    >
    > I got the same thing - I'm not a Westpac customer either.


    <snip>

    <sniff>

    I feel left-out. I'm a westpac customer and use the on-line banking all the
    time and I didn't get this. Not that I would have fallen for it.
    --
    ~misfit~
    ~misfit~, Nov 2, 2003
    #6
  7. Michael Daly

    KS Guest

    > I just sent the whole thing (including header info) to their
    > email address via their web site.
    > Also sent to IHUG as I reckon that their anti-spam service
    > should have blocked this.


    I Spy from IHUG has fallen down considerably lately, as a service. Used to
    get maybe 1 spam a day, now I'm back up to 20 a day. And they're pretty
    obvious crap 'pron', huge, etc stuff.

    Of course, having emailed Ihug about this, as my ISP, I am still waiting 3
    days' later for a reply.

    Ironically, their building is about 1km away from my work, and I drive past
    it every day.

    It would be quicker to crawl on knees to contact them, but hey, where would
    the fun it that be huh ?!
    KS, Nov 2, 2003
    #7
  8. On Mon, 3 Nov 2003 11:12:07 +1300, "WriteWord Translations"
    <> wrote:

    >It's very similar to the eBay and PayPal scams that have been doing the
    >rounds fairly recently.
    >
    >I reckon the scammers are pretty stupid sending it to even non-Westpac
    >customers. Mind you, there are probably some people silly enough to fall for
    >it even if they don't bank with Westpac!
    >
    >The westpac.com.nz address is an absolute giveaway that it's a fake. But I
    >guess some people without much Internet savvy wouldn't pick up on that.
    >Indeed, they haven't really drawn attention to this on news reports that
    >I've heard.


    Never underestimate the intelligence of observational powers of the
    average Net user.

    I suspect that a huge percentage of regular "ma and pa" Net users who
    got an email like this would simply accept it at face value and follow
    the instructions.

    They don't know it should be westpac.co.nz not westpac.com.nz because
    they normally have the site bookmarked and never type the URL anyway.

    This is why it behoves WSP to do a hell of a lot more than simply put
    a notice on the *real* online banking login screen. Those who get
    suckered by this won't see that message until it's too late because
    the link in the email points to a bogus login screen.

    --
    you can contact me via http://aardvark.co.nz/contact/
    Bruce Simpson, Nov 2, 2003
    #8
  9. Michael Daly

    Mainlander Guest

    In article <>,
    *del* says...
    > This morning I got this from
    >
    > ------------------------------------------------------------------------------------------------------
    > Dear Westpac Bank Member,
    >
    > This email was sent by the Westpac server to verify your e-mail
    > address. You must complete this process by clicking on the link
    > below and entering in the small window your Westpac Banking
    > Customer ID and Password.
    > This is done for your protection --- because some of
    > our members no longer have access to their email addresses and
    > we must verify it.
    >
    > To verify your e-mail address and access your bank account,
    > click on the link below. If nothing happens when you click on
    > the link, copy and paste the link into the address bar of your
    > web browser.
    >
    > ---------------------------------------------------------------------------------------------------
    >
    > Only problem is that:
    > a) I wasn't born yesterday
    > b) I'm not a Westpac customer
    > c) Westpac's address is 'westpac.co.nz', not 'westpac.com.nz'


    Let me guess the URL was www.westpac.co.nz@some-other-long-url-to-
    somewhere-else
    Mainlander, Nov 3, 2003
    #9
  10. On Mon, 3 Nov 2003 13:30:26 +1300, Mainlander <*@*.*> wrote:

    >In article <>,
    >*del* says...
    >> This morning I got this from
    >>
    >> ------------------------------------------------------------------------------------------------------
    >> Dear Westpac Bank Member,
    >>
    >> This email was sent by the Westpac server to verify your e-mail
    >> address. You must complete this process by clicking on the link
    >> below and entering in the small window your Westpac Banking
    >> Customer ID and Password.
    >> This is done for your protection --- because some of
    >> our members no longer have access to their email addresses and
    >> we must verify it.
    >>
    >> To verify your e-mail address and access your bank account,
    >> click on the link below. If nothing happens when you click on
    >> the link, copy and paste the link into the address bar of your
    >> web browser.
    >>
    >> ---------------------------------------------------------------------------------------------------
    >>
    >> Only problem is that:
    >> a) I wasn't born yesterday
    >> b) I'm not a Westpac customer
    >> c) Westpac's address is 'westpac.co.nz', not 'westpac.com.nz'

    >
    >Let me guess the URL was www.westpac.co.nz@some-other-long-url-to-
    >somewhere-else


    Yes, I've truncated the URL somewhat just in case some of the
    characters were an encoded version of the recipient's email address
    that might confirm it for inclusion in other spam-outs but you can see
    the details at http://aardvark.co.nz/daily/2003/n1103a.shtml

    --
    you can contact me via http://aardvark.co.nz/contact/
    Bruce Simpson, Nov 3, 2003
    #10
  11. Michael Daly

    Chris Mayhew Guest

    Re: Fake Westpac email __ Get over it its on the News..

    Nick Smith <> wrote in
    news::

    >


    and how do you think it got on the news ? by magic ?
    Chris Mayhew, Nov 3, 2003
    #11
  12. Re: Fake Westpac email __ Get over it its on the News..

    On 03 Nov 2003 , Nick Smith wrote :

    >
    >


    Yet another content-free, intelligence-free post by Roger Sheppard.
    Nicolaas Hawkins, Nov 3, 2003
    #12
  13. Michael Daly

    Mainlander Guest

    In article <>,
    says...
    > On Mon, 03 Nov 2003 09:32:08 +1300, Michael Daly wrote:
    >
    > > This morning I got this from
    > >
    > > ------------------------------------------------------------------------------------------------------
    > > Dear Westpac Bank Member,
    > >
    > > This email was sent by the Westpac server to verify your e-mail address.
    > > You must complete this process by clicking on the link below and entering
    > > in the small window your Westpac Banking Customer ID and Password.
    > > This is done for your protection --- because some of our members no longer
    > > have access to their email addresses and we must verify it.
    > >
    > > To verify your e-mail address and access your bank account, click on the
    > > link below. If nothing happens when you click on the link, copy and paste
    > > the link into the address bar of your web browser.
    > >
    > > ---------------------------------------------------------------------------------------------------
    > >
    > > Only problem is that:
    > > a) I wasn't born yesterday
    > > b) I'm not a Westpac customer
    > > c) Westpac's address is 'westpac.co.nz', not 'westpac.com.nz'

    >
    > I got the same thing - I'm not a Westpac customer either.
    >
    > I tried to notify them with the email form on their website, but it keeps
    > crashing. It even took a few attempts to even get the page loaded.
    >
    > I won't list the error in case some PHB tries to sue me for spreading
    > vulnerabilities or something, but it's a mind bogglingly silly one.


    The URL it redirects to is

    http://www.westpac.com.nz:@rfn7rigmn.da.ru/

    The @ sign in a URL is used to separate a username and/or password from
    the actual URL which appears after the @. The syntax being

    http://username:password@url

    So in this case the username "www.westpac.com.nz" and password "" being
    passed to the site at rfn7rigmn.da.ru which ignores these entries.
    Mainlander, Nov 3, 2003
    #13
  14. Michael Daly

    Mainlander Guest

    In article <vifpb.6049$>,
    says...
    > It's very similar to the eBay and PayPal scams that have been doing the
    > rounds fairly recently.
    >
    > I reckon the scammers are pretty stupid sending it to even non-Westpac
    > customers. Mind you, there are probably some people silly enough to fall for
    > it even if they don't bank with Westpac!
    >
    > The westpac.com.nz address is an absolute giveaway that it's a fake. But I
    > guess some people without much Internet savvy wouldn't pick up on that.
    > Indeed, they haven't really drawn attention to this on news reports that
    > I've heard.


    It's been done in Australia as well, using all kinds of tricks in the URL

    The problem is that a URL like this
    http://www.westpac.com.nz:@rfn7rigmn.da.ru/

    is perfectly legal, but most people wouldn't know the significance of the
    @ sign.
    Mainlander, Nov 3, 2003
    #14
  15. Michael Daly

    Mainlander Guest

    In article <>,
    ess says...
    > On Mon, 3 Nov 2003 11:12:07 +1300, "WriteWord Translations"
    > <> wrote:
    >
    > >It's very similar to the eBay and PayPal scams that have been doing the
    > >rounds fairly recently.
    > >
    > >I reckon the scammers are pretty stupid sending it to even non-Westpac
    > >customers. Mind you, there are probably some people silly enough to fall for
    > >it even if they don't bank with Westpac!
    > >
    > >The westpac.com.nz address is an absolute giveaway that it's a fake. But I
    > >guess some people without much Internet savvy wouldn't pick up on that.
    > >Indeed, they haven't really drawn attention to this on news reports that
    > >I've heard.

    >
    > Never underestimate the intelligence of observational powers of the
    > average Net user.
    >
    > I suspect that a huge percentage of regular "ma and pa" Net users who
    > got an email like this would simply accept it at face value and follow
    > the instructions.
    >
    > They don't know it should be westpac.co.nz not westpac.com.nz because
    > they normally have the site bookmarked and never type the URL anyway.
    >
    > This is why it behoves WSP to do a hell of a lot more than simply put
    > a notice on the *real* online banking login screen. Those who get
    > suckered by this won't see that message until it's too late because
    > the link in the email points to a bogus login screen.


    You expect Westpac to send out spam messages saying to ignore the other
    spam messages?

    By the way, the news item about this was top of the news all this
    morning. I expect it'sll be on the tv news tonight, and across all the
    papers.
    Mainlander, Nov 3, 2003
    #15
  16. Michael Daly

    David Guest

    > Only problem is that:
    > a) I wasn't born yesterday
    > b) I'm not a Westpac customer
    > c) Westpac's address is 'westpac.co.nz', not 'westpac.com.nz'
    >
    >
    >
    > Michael Daly
    > http://crash.ihug.co.nz/~mikedaly


    I got the same, and understood it as it was, spam. Seems to be generated
    from here? This address flashed up before it went to the fake Westpac
    address. Clues anyone? http://gowest.org.co.nr/
    David, Nov 3, 2003
    #16
  17. On 03 Nov 2003 , David wrote :

    >> Only problem is that:
    >> a) I wasn't born yesterday
    >> b) I'm not a Westpac customer
    >> c) Westpac's address is 'westpac.co.nz', not 'westpac.com.nz'
    >>
    >>
    >>
    >> Michael Daly
    >> http://crash.ihug.co.nz/~mikedaly

    >
    > I got the same, and understood it as it was, spam. Seems to be generated
    > from here? This address flashed up before it went to the fake Westpac
    > address. Clues anyone? http://gowest.org.co.nr/
    >
    >
    >


    The suffix ".nr" is the Republic of Nauru.

    --
    Nicolaas.


    - Egomaniac: Person who opens his/her mouth and puts his/her feats in it.
    Nicolaas Hawkins, Nov 3, 2003
    #17
  18. On Mon, 3 Nov 2003 15:36:36 +1300, Mainlander <*@*.*> wrote:

    >> This is why it behoves WSP to do a hell of a lot more than simply put
    >> a notice on the *real* online banking login screen. Those who get
    >> suckered by this won't see that message until it's too late because
    >> the link in the email points to a bogus login screen.

    >
    >You expect Westpac to send out spam messages saying to ignore the other
    >spam messages?


    I'd hardly consider such an email to be spam -- any more than your
    monthly statements are junk-mail.
    >
    >By the way, the news item about this was top of the news all this
    >morning. I expect it'sll be on the tv news tonight, and across all the
    >papers.


    You mean like the 419 Nigerian scams? Yeah, after all that publicity
    (including a local Citybank executive being jailed as a result of such
    a scam, everyone watches/reads the news and nobody else ever gets
    caught out right?

    Not everyone reads/watches the news every day -- and it's not the
    media's job to protect WSP's clients -- it's WSP's job!

    --
    you can contact me via http://aardvark.co.nz/contact/
    Bruce Simpson, Nov 3, 2003
    #18
  19. Michael Daly

    Mainlander Guest

    In article <>,
    ess says...
    > On Mon, 3 Nov 2003 15:36:36 +1300, Mainlander <*@*.*> wrote:
    >
    > >> This is why it behoves WSP to do a hell of a lot more than simply put
    > >> a notice on the *real* online banking login screen. Those who get
    > >> suckered by this won't see that message until it's too late because
    > >> the link in the email points to a bogus login screen.

    > >
    > >You expect Westpac to send out spam messages saying to ignore the other
    > >spam messages?

    >
    > I'd hardly consider such an email to be spam -- any more than your
    > monthly statements are junk-mail.
    > >
    > >By the way, the news item about this was top of the news all this
    > >morning. I expect it'sll be on the tv news tonight, and across all the
    > >papers.

    >
    > You mean like the 419 Nigerian scams? Yeah, after all that publicity
    > (including a local Citybank executive being jailed as a result of such
    > a scam, everyone watches/reads the news and nobody else ever gets
    > caught out right?
    >
    > Not everyone reads/watches the news every day -- and it's not the
    > media's job to protect WSP's clients -- it's WSP's job!


    How do they do this, it will take days to send out letters to every
    customer
    Mainlander, Nov 3, 2003
    #19
  20. Michael Daly

    Nelly Guest

    On Mon, 3 Nov 2003 16:58:28 +1300, Mainlander <*@*.*> wrote:

    >In article <>,
    > says...
    >> On Mon, 3 Nov 2003 15:36:36 +1300, Mainlander <*@*.*> wrote:
    >>
    >> >> This is why it behoves WSP to do a hell of a lot more than simply put
    >> >> a notice on the *real* online banking login screen. Those who get
    >> >> suckered by this won't see that message until it's too late because
    >> >> the link in the email points to a bogus login screen.
    >> >
    >> >You expect Westpac to send out spam messages saying to ignore the other
    >> >spam messages?

    >>
    >> I'd hardly consider such an email to be spam -- any more than your
    >> monthly statements are junk-mail.
    >> >
    >> >By the way, the news item about this was top of the news all this
    >> >morning. I expect it'sll be on the tv news tonight, and across all the
    >> >papers.

    >>
    >> You mean like the 419 Nigerian scams? Yeah, after all that publicity
    >> (including a local Citybank executive being jailed as a result of such
    >> a scam, everyone watches/reads the news and nobody else ever gets
    >> caught out right?
    >>
    >> Not everyone reads/watches the news every day -- and it's not the
    >> media's job to protect WSP's clients -- it's WSP's job!

    >
    >How do they do this, it will take days to send out letters to every
    >customer


    Ihug have forwarded an email warning of the scam to their customers.


    Nelly.
    If you see someone without a smile, give them one of yours :)
    Nelly, Nov 3, 2003
    #20
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. GraB

    "Westpac" scam

    GraB, Nov 3, 2003, in forum: NZ Computing
    Replies:
    31
    Views:
    1,198
  2. Keith Whitehead

    WARNING: new Westpac internet banking fraud

    Keith Whitehead, May 27, 2004, in forum: NZ Computing
    Replies:
    21
    Views:
    1,134
    whoisthis
    May 29, 2004
  3. Bruce Simpson

    Westpac trojan phishing email

    Bruce Simpson, Jun 1, 2004, in forum: NZ Computing
    Replies:
    8
    Views:
    590
    spw2000
    Sep 6, 2011
  4. Craig Shore

    Latest Westpac scam targets NZ users

    Craig Shore, Jul 6, 2004, in forum: NZ Computing
    Replies:
    11
    Views:
    814
    theseus
    Jul 6, 2004
  5. Rob J

    Westpac phishing

    Rob J, Dec 28, 2005, in forum: NZ Computing
    Replies:
    0
    Views:
    330
    Rob J
    Dec 28, 2005
Loading...

Share This Page