Internet Banking will be unavailable due to scheduled maintenance on Sunday 3 March from 12:30am-5:30am. We apologise for any inconvenience caused.

Scheduled maintenance:  Internet banking and mobile app will be taking a short nap for some sprucing up on Sunday, 21 April. They’ll be off-duty from 01:00am to 04:30am (AEST). Thanks for your patience!



News & Insights

For all the latest news and events

News & Insights

For all the latest news and events

Facebook Messenger used to spread adware

Cybercriminals are using Facebook Messenger to spread adware, duping victims by redirecting them to fake versions of popular websites that are tailored to their browser.

Researchers have suggested that malicious links are being sent from Messenger accounts that have been compromised as a result of stolen credentials, hijacked browsers, or clickjacking.

How is it installed?

The user is sent a message composed of their name followed by the word ‘Video’, and a shocked emoji face with a shortened URL: for example, ‘David Video’.

The link leads to a compromised website which blurs a photo taken from the victim’s Facebook page and makes it look like a playable movie. When the victim clicks on this video, the malware will send them to one of a number of different websites, depending on their browser, operating system, location, and other factors.

This site will then attempt to encourage the target to install adware. For example, a Google Chrome user is sent to a website designed to look like YouTube, complete with the official logo and branding. The website shows the visitor a fake error message designed to trick them into downloading a malicious Chrome extension.

While little is known about the campaign or those behind it, the sheer number of Facebook Messenger users presents an extremely large base of targets for those behind the adware.

More news and insights

Is there something else we can help you with?

A quick jump to content you may be interested in.