Spammers have targeted Westpac Internet banking customers, in an attempt to get people to reveal confidential information, such as user IDs and passwords.
We were alerted to the spam--which urged people to click on a hyperlink that sent them to a fraudulent Web site--from a reader who received the email this morning.
The reader said he had received two emails from different IP addresses. The text of the email asked the recipient to click on a link to update and reactivate their account.
Julia Quinn, a spokesperson at Westpac Banking Corporation, told iTnews that the 'ghost' Web site had been brought to the organisation's attention mid morning.
Quinn said the bank had found out about the existence of the fraudulent site from its IT security staff and calls from customers.
She said that she understood the ghost Web site was hosted by a US-based ISP. 'We have had to involve the Australian Federal Police and the FBI,' Quinn said.
Asked whether the bank would be taking action against the spammer, Quinn said that it took such issues seriously. 'Obviously it's a pretty serious sort of action, so we'll definitely be pursuing it as far as we can,' Quinn said.
She described today's attempt at getting customers to reveal confidential information as similar to an incident on 4 July.
In that instance, an email requesting customers to go through to a ghost Web site also asked people to reveal user IDs and passwords. The ghost Web site detected on 4 July was also US-based, according to a statement released by Westpac at the time.
Westpac isn't the only financial organisation to be the target from this type of fraudulent spam, sometimes known as 'brand spoofing'. Less than two weeks ago, iTnews also reported banking group ANZ had been the target of fraudulent spammers.