Surety IT provides a monthly alert of the scams impacting Australian businesses including phishing scams, malware attacks and security breaches/bugs.
You need to be particularly aware of –
1. Telstra Bill Notifications
- Masquerading as a bill notification from Telstra
- Email is in plain text with no Telstra Branding
- Advises recipients that their latest bill is ready to be viewed
- Recipients who click on the link ‘View Bill’ are redirected to what currently shows as a loading page and is likely a Telstra branded phishing page or a malicious file download.
2. Returned Email Messages
- Using a display name of ‘Message Center’ or ‘Message Centre’, this latest phishing scam advises recipients that their incoming messages are being returned.
- Those who click on the ‘Recover Messages’ or ‘Click Here’ links are redirected to a legitimate looking fake Office 365 login page.
3. Bomb Threats Email Scam
- Part of an extortion phishing scam and using random display names, cybercriminals are sending emails threatening to cause physical harm.
- With circulation beginning in December 2018, the format and basic features of these emails are very similar to extortion scams seen before.
- Two different variations of the email scam are being sent.
- Appearing in plain-text format, the body of the email advises recipients that an explosive device has been placed in their building.
- The second variant of the email advises recipients that someone has paid the sender of the email to ‘splash acid in their face’ or ’empty sourness in your visage’.
- Both emails claim that if payment is made, the recipient will not be harmed.
4. Office 365
- This latest scam detected is designed to steal your Office 365 login credentials.
- Using a display name of “Message Center”, the emails appear to be sent from several compromised mail servers in Japan.
- Appearing in plain-text, the email informs recipients that some incoming messages were rejected.
- A link is included to ‘recover messages now’ which redirects to a fake login page incorporating the branding and logo of Office 365.
- Those who click on the link will be asked to enter the login credentials on the fake site.
- After the details have been collected by the scammers, they are then redirected to the legitimate Office 365 website.
- In this latest email phishing scam, cybercriminals have spoofed the Commonwealth Bank.
- Using the display name ‘Commbank’, the emails are titled “You’ve a new account statement – it includes an important notice”.
- Appearing in plain-text format, the email contains a link to ‘read my statement now’.
- If the link is clicked, victims are taken to a fake NetBank login page.
- With the email containing formatting and grammatical errors, this phishing scam has obvious red flags for those vigilant on spotting email scams.
- Whilst the subject line is commonly used in legitimate notifications from CBA, account holders would know that they would never be directed to click on a link to view statements but instead login to there account to view the statement.
6. Energy Australia Brandjacked
- Using a display name of ‘Energy Australia’, Australian inboxes are being flooded with fake ebill notifications claiming to be from Energy Australia
- Advises the recipient that their latest bill is ready to be viewed
- Should the ‘View eBill’ link be clicked, recipients will be led to a malicious file download or to a blank page.
- The red flag on this email is the lack of a personalised addressee, the email states ‘Dear Customer’ as opposed to addressing any customers directly.
If you’d like any further information, assistance with your cyber security or you don’t know where to start please call Surety IT on 1300 478 738 or email firstname.lastname@example.org.
About the Author
Geoff Stewart is a highly experienced and skilled Technology Director at Surety IT. His knowledge is based on years of industry experience having created customised, stable, well performing systems both for multi-national companies in the UK and Australia and Surety IT customers.
Source: https://www.suretyit.com.au/blog/surety-it-security-alert-january-2019/ https://www.hirum.com.au/blog/suretyit-scam-alert-december-2018/ https://www.hirum.com.au/blog/suretyit-scam-alert-november-2018/