Australia’s biggest bank is working closely with the Australian Federal Police and other government agencies after being alerted to an SMS scam demanding payment from Optus hack victims.
In a post via Twitter, the Commonwealth Bank said it was “aware of an SMS seeking to solicit funds and referencing a CBA bank account following the Optus data breach” and that it has already “identified and blocked this account.”
Optus hack victims received a scam text message saying, “Optus has left security measures allowing us to access the personal information of their customers” before threatening to release further personal details, including name, email, phone number, date of birth, address, and license number, unless they fork out $2,000 into a CBA account, iTnews reported.
Despite the fraud text, no funds so far have been paid into the scam account, and none can be received now that the account has been blocked.
“We continue to work closely with the Australian Federal Police and other investigative, government and regulatory authorities to limit the impact of any fraud and scams resulting from the events over the past few days,” the bank said in a statement. “In addition, we have been communicating directly with millions of our customers since the weekend with advice on keeping their accounts safe and what additional steps they can take with our help to protect themselves from cyber fraud.”
CBA is “closely monitoring developments at Optus following the reported cyberattack on the company,” a spokesperson told iTnews. “The security of our customers banking is an absolute critical priority for us and as part of our ongoing efforts to combat fraud and scams we are in the process of sending out specific information to help protect them against the prospect of such fraudulent activity.
“We also have in place dedicated teams and protective systems to actively monitor unusual or suspicious activity 24 hours a day, seven days a week. When we suspect any such activity, we will raise our concerns with customers to confirm whether such transfers or purchases are legitimate. If customers notice any unusual transactions or activity with their banking services, they should contact us immediately.”