Surety IT provides a monthly alert of the scams impacting Australian businesses including phishing scams, malware attacks and security
breaches/bugs.
You need to be particularly aware of –
1. Fake Docusign Email
- This scam email impersonating a DocuSign notification is well designed, as you can see in the screenshot above.
- To add to its deceptive credibility, this formatted message shows the sender details “From: DocuSign – noreply@docusign.delivery”
- The message advises the recipient that they have “received a secure document via DocuSign” and invites them to open an attached .doc file.
- The document is infected with hidden malware which will be covertly activated when it is opened.
- It is unclear what effect the malware might have but spyware and viruses are commonly carried by this kind of scam message.
- Unprotected email users may receive this message today, so please exercise caution.
2. Fake Commbank Email & Phishing Scam
- The scam email pictured above, has been detected, directing recipients to “log on to Netbank” by clicking on a link.
- The scam message has been quite well designed, with forged Commonwealth Bank trademarks, but there is a tell-tale error in the message
text; “to confirm your NetBank account, you are to sign on before April 1st May, - 2018.”
- Small mistakes like this are often the only obvious indication that a message like this is actually a scam.
- Clicking on the link in this message takes the scam victim to a fake Comm-Bank login page:
- This phishing page will harvest the victim’s bank login details, enabling the cybercriminals behind this scam to illegally gain access to
their account.
3. Fake Office 365 Email
- A new scam has been identified using a fake Office 365 notification email that links to a phishing site; see screenshot
above. - The scam is designed to steal your Office 365 login credentials.
- Recipients of the scam email are informed that their “office email” will be deactivated, and instructed to click on a link in the
message to “cancel deactivation.”
- The link in this email is actually pointing to the fake login page that asks for Office 365 login data.
- The sender address associated with this scam message is: ‘noreply@notifications.com’
4.Fake High Court Email
- This new scam is a classic example of criminals using the to persuade people to click on their links.
- This message purports to be from the “High Court of Australia” and advises the recipient that they must “pay the coasts for
Ms Hughes” (sic) – see screenshot above. - No doubt this would cause some confusion for most people who open this message, so the scammers have cunningly made their link read
“additional information,” which sounds harmless until you find out that the link is actually pointing to a malware file designed to infect
victim’s computers. - This message is being sent from a compromised MailChimp account showing the following sender details:
- From: “notification” contact@MauritiusShipModels.com
- From: “notification” firebird@firebirdltd.com
5. ANZ Phishing Scam
- When people get an email from their bank, the last thing they suspect is a scam, so of course, cybercriminals regularly exploit the
trademarks of well-known banks to make their phishing emails more convincing. - A new run of scam messages has been detected, using the branding of ANZ Bank and advising victims “your access has been temporarily
locked.” - The messages go on to say “your profile will be permanently locked if you do not confirm your login details correctly. To keep your account
safe please log on to proceed.” - The emails contain a link, made to look like it points to an ANZ Bank login page, but actually directing the victim to a phishing site:
- The screenshot above shows the fake login page designed by the scammers. You can see that the site looks quite convincing; with ANZ
trademarks and logos. - Once the scam victim has entered their bank login details, they are directed to a second page- shown below – which asks them to submit
their security verification data: - The sole purpose of this elaborate phishing site is to harvest the login credentials of ANZ customers so the criminals behind this scam can
break into their bank accounts.
6. Malware Email Scam
- A new email scam has been detected using a .doc file infected with macro malware.
- This scam email is designed to look like an E-Toll notification.
- The message – as shown in the screenshot above – advises the victim to view their E-toll account statement but the
attached .doc file is infected with a malicious macro which would download malware to the victim’s computer. - The sender display name shown on this scam message is ‘Roads and Maritime Services’:
- The .doc attachment used in this scam advises the recipient to click “enable editing” and “enable content” but these links would activate
macro code malware.
7. Fake DHL Email
- A new email-based cyber-attack exploiting DHL branding has been detected.
- This scam is designed to look like a ‘shipping notification’ from DHLshipping. The text of the message advises the recipient
that they ‘have DHL shipment’ and asks them to ‘download attached to confirm your shipping details. - The attachment labelled ‘shipping details pdf’ is actually a .ace file containing trojan malware.
- The trojan malware contained in this scam message could be very harmful. If you see this message appear in your inbox, please delete it to
avoid risking damage to your computer.
