• Pappabosley@lemmy.world
    link
    fedilink
    arrow-up
    9
    ·
    edit-2
    1 year ago

    The key thing missing is the URL and I would presume the hacker page wouldn’t have a 🔒 both things I would be looking at

    • ⸻ Ban DHMO 🇦🇺 ⸻@aussie.zoneOP
      link
      fedilink
      English
      arrow-up
      10
      ·
      1 year ago

      These are actually for fake banking apps - not the websites, it’s probably more of a concern with Android because of side-loading and how loose the play store is. Also the lock symbol is really easy to get - SSL/TLS is free (Let’s Encrypt) and doesn’t mean that the website is legit, it just means that what you’re seeing is actually www.veryrealcommonwealthbankpage.xyz, not the official Commonwealth Bank site and that all communication cannot be intercepted by a third party

    • Taleya@aussie.zone
      link
      fedilink
      arrow-up
      10
      ·
      1 year ago

      Not only that ‘missing the option to hide your password’ wtf. That’s the opposite of the eye icon.

      Absolute panic bait. 'Can you determine the legitimacy of these login pages for banks you don’t use based on incomplete data?? THEN YOU’RE IN DANGER!!!"

    • wscholermann@aussie.zone
      link
      fedilink
      arrow-up
      2
      ·
      edit-2
      1 year ago

      Agreed and I thought the exact same thing, although the website URL and possibly even the SSL certificate details still needs to be checked even with the 🔐.

    • MHLoppy2@aussie.zone
      link
      fedilink
      English
      arrow-up
      6
      ·
      edit-2
      1 year ago

      Given that they remind readers what brands an Android phone phone could be, I don’t think the article is aimed at many aussie zoners.

      I guess they’re trying to drive home that the scammer isn’t coming at you with a poorly worded email riddled with typos here - the overlay can look legitimate (even if in some cases it still has typos lol). Probably would’ve been a bit much for them to cover every banking interface tbf.

    • No1@aussie.zone
      link
      fedilink
      arrow-up
      3
      ·
      1 year ago

      The fact I got 2 downvotes means I was successful at least twice.

      It gives me so much pleasure 😂

  • Outsider9042@aussie.zone
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    1 year ago

    Well spotted, there was a spelling mistake.

    There was? I just picked the one that had the uglier UX.

    Still got them all right.

  • shatterling@lemm.ee
    link
    fedilink
    arrow-up
    3
    ·
    edit-2
    1 year ago

    What is with the borked version number in the real Greater Bank page? That actually caught me out

    V 0.0.0 -2

  • AutoTL;DR@lemmings.worldB
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    This is the best summary I could come up with:


    The malware is powerful — it can record your calls, harvest your contacts, evade antivirus, bypass multi-factor authentication, log what you type and send you text messages.

    Exclusive new data obtained by the ABC has uncovered what appears to be the first major distribution campaign of the malware, with Australians identified as specific targets.

    This latest campaign against Australians was uncovered by Dario Durando, a senior threat analyst from ThreatFabric, a banking security platform based in the Netherlands.

    An advertisement spruiking Octo boasts the malware has a “high survival rate”, gives hackers “full device control” and has the ability to steal two-factor authentication codes.

    Eward Driehuis, vice president of fraud engineering at ThreatFabric, said the group responsible for Octo was Russian-speaking and possibly linked to the Russian cybercrime underworld.

    Stephanie Tonkin from the Consumer Action Law Centre said Australian banks weren’t doing enough to protect customers, who were being hoodwinked by increasingly sophisticated scams.


    The original article contains 1,200 words, the summary contains 153 words. Saved 87%. I’m a bot and I’m open source!