Fraudsters use bank's website

By SCOTT MacLEOD

Fraudsters have sent tens of thousands of emails to New Zealanders and Australians in a devious electronic banking scam.

The fraud aims to trick Westpac customers into revealing their secret banking passwords, and is more sophisticated than earlier efforts.

The latest version, called a "phishing scam", appears to come from the United States.

It urges Westpac customers to click on a link to the bank's website, where they are asked to type their passwords into a box for access.

The website is legitimate, but the password box is controlled by fraudsters who use the details to steal cash from online accounts.

Westpac has been flooded with calls about the scam which used more professional language than earlier efforts from Asia and Russia.

The use of the bank's real Australian website behind the password screen was unusual.

The email even contained a warning about revealing passwords.

Westpac's New Zealand spokesman, Paul Gregory, said the email was sent randomly, including to non-customers.

Judging by the rush of phone calls, "tens of thousands" of people had received the email.

"This latest one is aimed at Westpac Australia customers, but they've got an absolutely massive list of New Zealand and Australian email addresses," Mr Gregory said.

Westpac posted warnings on its website and log-in page.

"Basically, it's just Westpac's turn."

Westpac, the ANZ and other banks have been targeted several times during the past 15 months.

There were no reports yesterday of New Zealanders being tricked into giving their details.

Email scams

* Delete them immediately.

* Banks say they do not ask for passwords by email.

* Do not follow an email link to a banking website.

* Type in the bank's web address yourself.

* If you have been tricked, contact your bank as soon as possible.