Cybersecurity company MailGuard has detected suspect emails that attempt to collect personal and banking information of Westpac customers.
When clicking the link send via email, the user is taken to a fake Westpac login page hosted under the internet domain of a Tanzanian guesthouse, which MailGuard suspects is a victim of hacking itself.
Once the users enters their Westpac customer ID and password into the phishing page, the criminals use the credentials to log in to the real Westpace online banking and transfer money to themselves.
Westpac has advised customers that may have entered information into the phishing page to contact it immediately. People who receive suspect emails can forward them to email@example.com for investigation.