Saturday, May 30, 2009

Virus alert: Dear Commonwealth Bank of Australia Customer

Over the last week or so the number of phishing emails I've received aimed at Commonwealth Bank Of Australia customers has increased significantly. Many clients are also receiving similar emails every day.

The simplest way to make sure you don't get fooled from a phishing attempt aimed at your bank, is not to provide your bank with your email address in the first place. If they already have your email address ask them to remove it. That way they can't contact you via email and every email relating to your financial institution is fake. My bank has never had my email address and I've never had a problem with receiving information from a bank.

Today I received four emails with the subjects:

1. Dear Commonwealth Bank of Australia Customer
2. Important information regarding your account
3. Important information regarding your account
4. CommAu Survey - 50$ to your account in under 2 minutes!

I thought I'd review each one of these in case it helps others.

1. This email is a fairly obvious fake because of the incorrect spelling in the following line.

"Your internet banking account is currently locked because a suspicious tranzaction was made."

On the next line it contains a link which is most likely the address of the phishing site.

The advice nearly everyone gives is never click on a link to go to your bank site. Always enter the address in the address bar of the browser. I would probably add, never trust an email which appears to come from a financial institution.

The origin of this email was Atlanta Georgia in the United States.

2. This email was a much better quality phishing attempt. Well laid out. It is warning the user their account may be suspended. This may put people under pressure leading them to make the mistake of clicking on the link.

The text you see on the link does appear to be the correct site address for the Commonwealth Bank, but don't be fooled. The actual address you don't see is to the site (XXX added so site not valid) which will be a phishing site.

These are the type of phishing attempts which are the most concern. Attempts which look professional and I've seen some attempts which are extremely good.

As usual the moral here is never trust an email which appears to come from a financial institution.

This email came from Mount Laurel, New Jersey in the United States.

3. This email contains a graphic and some text "YRKOQYGUIDFYGVQZBEEOXCVEUOQDJUEWMPXUTF" which appears to be nonsense. The graphic itself was suppressed by the email client making this look like an obvious phishing attempt. The graphic is a link and clicking on the graphic would go to the site (XXX added so site not valid).

Once again this email is an obvious phishing attempt. I don't know of any business that sends an unsolicited email that only contains an image.

This email came from Venezuela.

4. This email is poorly written and includes "50$" in the text, which is an obvious indication the email is not legitimate.

The email contains a link which is to the site (XXX added so site not valid). It is easy to see the underlying site address if you have an email client that shows the address when you hover over the link. For example Outlook shows the link address as a text tip. Free email clients like Google hide this very important information and in my opinion is a serious limitation of Gmail.

Some phishing attempts are so good it is hard to tell they are not real. Checking the address of a link address can help to show the email is fake. Trust your instinct. If the email is suspicious to you, then it probably is a phishing attempt. Don't trust the email.

The origin of this email was Shawinigan, Qubec in Canada.

People I know try to block these emails in their email clients. This is generally a waste of time as those creating these emails continuously change their approach, even on a day to day basis. When collecting email from a pop3 mail server I use OzEfilter to delete these unwanted emails at the mail server before they reach my computer. This is a much safer approach than letting these and other malicious emails into your computer.

I hope the above information helps others. Most people are not tricked by phishing attempts, but since these emails are sent out to vast numbers of people, even a small percentage of being tricked will result in quite a number of people being affected.


Kelvin Eldridge



Sunday, May 24, 2009

Alice's Adventures in Wonderland by Lewis Carroll now Australianised.

One of the problems reading books from overseas, is often they use a different dialect of English than we do in Australia. If we read the different spellings often enough, we start to wonder about our own spelling.

As part of developing Kelvin's spellcheck dictionary of preferred Australian English spelling, I'm now using the dictionary to convert some of the famous e-books which are available. The first e-book I've released is Alice's Adventures in Wonderland by Lewis Carroll.

You can find this e-book and other books from Australian authors on the JustLocal book page


Kelvin Eldridge

Wednesday, May 20, 2009

JustLocal: Release of Western Australia postcode pages.

The following areas in Western Australia have now been released on JustLocal. This is a great opportunity to build the local communities in the area. FREE advertising is available for the local community.

6055: Caversham, Guildford, Hazelmere, Henley Brook, South Guildford, West Swan.

6056: Baskerville, Bellevue, Boya, Greenmount, Helena Valley, Herne Hill, Jane Brook, Koongamia, Middle Swan, Midland, Midvale, Millendon, Red Hill, Stratton, Swan View, Viveash, Woodbridge.

6065: Ashby, Darch, Gnangara, Hocking, Jandabup, Landsdale, Lexia, Madeley, Mariginiup, Melaleuca, Pearsall, Pinjar, Sinagra, Tapping, Wangara, Wanneroo.

6068: Whiteman.

6069: Belhus, Brigadoon, Ellenbrook.

6083: Gidgegannup, Morangup.


- Kelvin Eldridge

PS You can also go to the postcode pages from the main page of JustLocal by entering the postcode.