Just received this email claiming to be from the Commonwealth Bank:

We recorded a payment request from “HostGator -www.hostgator.com- Reseller Web Hosting” to enable the charge of $74.95 on your account.

 

Because the order was made from an African internet address, we put an Exception Payment on transaction id #POS PAYM7284 motivated by our Geographical Tracking System.

 

THE PAYMENT IS PENDING FOR THE MOMENT.

 

If you made this transaction or if you just authorize this payment, please ignore or remove this email message. The transaction will be shown on your monthly statement as “HostGator – Reseller Web Hosting”.

 

If you didn’t make this payment and would like to decline the $74.95 billing to your card, please follow the link below to cancel the payment :

 

Cancel this payment (transaction id #POS PAYM7284)  (Warning – this is a phishing site – this warning was not in the email, obviously!)

 

NOTE: Because email is not a secure form of communication, please do not reply to this email.

The link takes you to a very plausible looking pretend Commonwealth Bank website, where you are invited to log in so you can cancel the unauthorised transaction. Once you log in, the owner of the fake site has your internet banking username and password, and can access all your online bank accounts.

Even if you think an email may be genuine, never follow links in emails to your banking website (or to PayPal, Amazon, or any other site where you have a password protected account).

Always open a new browser window, go to the official bank web site, and log in from there.