Charles Sturt University
Charles Sturt University

Phishing Emails Examples

This page contains actual phishing emails which have been sent to try and trick people into providing personal information by logging into phishing websites. It also contains examples which had malicious files attached.

Westpac Bank

Although the following examples show Westpac Bank, all Australian banks and financial institutions have been targeted over the last few years by scammers. Westpac and the other major banks publish examples of hoax emails on their websites to educate their customers.

This is an example email which was sent to try and trick the recipient into clicking a link to login to their Westpac account or report the unauthorised funds transfer. The links opens a malicious website which was set up to look like the Westpac site so online banking usernames and passwords could be captured.

Picture of a fake Westpac email

This is an example of an email which was sent to CSU staff and pretended to be from Westpac Bank. It tried to trick recipients by telling them their cards had been temporarily locked for security purposes and they needed to unlock them. It redirected to a phishing website which asked for a substantial amount of personal identification information. A screenshot of the phishing website is included below the phishing email. Notes have been added to both of these screenshots to assist you to identify future threats.

Screenshot of phishing email which purported to be from Westpac

As you can see in the screenshot below the site asked for a significant amount of personal information which could be used for a number of fraudulent purposes.

Screenshot of phishing site pretending to be Westpac

Australian Taxation Office

This is an example phishing email which impersonates the Australian Tax Office. It contained a malicious file instead of a website link.

Picture of an email which pretends to be from the ATO

VISA

This is an example of a phishing email used to impersonate VISA. The link directed recipients to a phishing website which asked people to enter details including their full names, billing address and credit card number.

Picture of a VISA phishing email

Monster

This is an example of an email which was used to impersonate Monster. The job seeking tool that recipients were instructed to run was an EXE (executable) file. When that file was run it installed on the recipients computer which enabled the scammers to gain access to those computers without the owner's knowledge. This enabled them to capture usernames, passwords and financial information which was submitted to legitimate websites.

Picture of a Monster Job Phishing Email

Mailbox capacity exceeded

This email was sent to CSU staff to get them to click a link to increase their mailbox capacity. You cannot click a link to increase your mailbox capacity at CSU. Automatic emails are sent from the IT Service Desk to advise when your mailbox is almost full but you must archive or delete items to free up space. You cannot click a link to increase your quota. It also says it is from the Help Desk not the IT Service Desk. Emails like this should be reported to the IT Service Desk and deleted.

-----Original Message-----
From: Help Desk
Sent: Monday, 25 February 2013 10:48 AM
Subject: Mailbox Capacity Exceeded

Your mailbox has exceeded its allowable storage space. To increase capacity for better functionality of your mailbox, you are required to click or copy and paste the below link into your web browser and follow the instructions therein. Click below to increase your mailbox capacity.

<link has been removed>

Help Desk

Spamcop

This is an example of an email which spoofed a legitimate companies email address. It advised the recipient to click on a link (which has been removed from the email below). The link triggered the download and installation of a file which allowed remote access to the computer and captured account details.

-----Original Message-----
From: “abuse@spamcop.com” (Spoofed email address)
Date: 12/10/2012 03:21PM
Subject: Attention! Your email will be blacklisted

Dear xxx

We have received complaints about bulk emails being sent from your account, for security reasons your email will be blacklisted. This means people you send emails to may have them filtered to their Junk or Spam folders. You can stop bulk emails being sent from your account by changing your password immediately. Once you have changed your password and secured your account we can remove your email address from the blacklist. Click this link to advise when you have performed these steps. No other data will be collected.

Thank you for cooperation.

SpamCOP SBL


Return to Phishing page

Return to Spam page


Top of page