Rob Wilson, managing director at online auction house, Auction Trader contacted iTnews after the company received a spam email intended for an ex-employee.
Wilson said that the email asked the recipient to update their information. When he clicked on the link it took him to a Website that had what looked like the correct URL in the browser and an image of a padlock on the right-hand side of the page, Wilson said.
According to Wilson, he was alerted to it being a fraudulent Website because the images seemed fussy on his monitor. “It would take 99 percent of novice users by surprise,” he argued. “[They] wouldn't be aware of fraudulent activity that goes on on the Internet.”
Julia Quinn, a spokesperson for Westpac, told iTnews that there had been a couple of different versions of the email, one of which had contained what looked like the correct URL when people clicked on the hyperlink.
Quinn said that the fraudulent spam and 'ghost' Website had come to the bank's notice in the early hours of the morning, with the site shut down before 8am today.
While Quinn revealed that the site wasn't shut down by the authorities, she said she couldn't comment on how it was shut down due to the site being part of a current investigation by the Australian Federal Police and FBI.
“We did get a handful of calls [from customers] this morning,” Quinn said. “There's a lot of community understanding, and warnings on our Website.”
According to Quinn, Westpac has been the target of fraudulent spammers trying to get users to reveal their details through 'ghost' Websites three times over recent months.
According to a statement issued by the bank, “Westpac views all matters of security and confidentiality with the utmost priority, and the bank has taken action to have the site investigated via the Australian Federal Police and the FBI.”
The 'ghost' Internet banking site had been located overseas, it stated.
Among the suggested cautions Westpac made to customers was the advice that they should look for the locked padlock symbol at the bottom right corner of their browser, and click on this to check the certificate.
Last month iTnews reported on a previous incident where Westpac had been hit by a fraudulent spammer. In this incident the 'ghost' Website was also located offshore.