Surety IT provides a monthly alert of the scams impacting Australian businesses including phishing scams, malware attacks and security
You need to be particularly aware of –
1. Fake ANZ Email
- A new cyber-attack using an email with a PDF attachment.
The simple email message (screenshot below) tells the recipient that they have an “over due payment” and shows a PDF attachment titled
- The PDF attachment has fake ANZ Bank branding and contains a malicious .jar file download.
- The sending and display address associated with this scam message is: Kirsten.Anderson@dlsgroup.com
2. Fake Commbank Email & Phishing Scam
- A new phishing scam has been detected that uses UPS branding to try and win the trust of victims.
This well-designed scam message tells recipients that their “UPS” package is available for delivery and invites them to track their parcel
by clicking on a link; see screenshot above.
The link in the message actually takes victims of this scam to a phishing website, where they are asked to log in with their Microsoft
- The fake login page is shown in the screenshot below:
- The display name on these scam messages is “Package Tracking” and the displayed sending address is “firstname.lastname@example.org.”
This scam is operating on a compromised website and although it looks quite convincing, it’s sole purpose is to steal the user login
details of victims.
3. Fake Job Application Email
- A new scam has been detected posing as a job application email.
The scam looks like a message from a job applicant, linking to their resume but the link in the email actually directs to a malware file
that targets devices running Windows operating systems.
Although this scam looks simple, the criminals behind it are using thousands of compromised websites and email addresses to power the
attack and avoid the scam being shut down.
Because the scam uses actual email addresses that have been hacked, the sender details also belong to the real people whose accounts have
4. Fake Asic Email
- The email in the screenshot above is a scam message using a fake ASIC logo to deceive recipients.
- ASIC – The Australian Securities and Investments Commission – is Australia’s main financial services and consumer credit regulation body.
- ASIC commands a lot of authority and their branding, therefore, makes a useful tool for cybercriminals running a scam.
This email purports to be an ASIC business name renewal notification and advises the recipient to click on a link to read a “renewal
letter,” but the link actually a malware file.
- Files of this type may deliver spyware, trojans or viruses to the victim’s computer.
5. Fake MYOB Email
- A major cyber-attack has been detected using fake MYOB branded messages – like the one in the screenshot above – that link to malware
The “view invoice” link in the message points to a .doc file which is infected with hidden malware, which will infiltrate the victim’s
computer automatically when it is opened.
The message in this scam is using randomly selected sender addresses to try and bypass detection, but all the sender URLs seem to belong
to one of the following domains:
- These are all newly registered domains created in China.
6. Fake Companies House Email
- This scam email is designed to look like a “company complaint” notification issued by the British Government body Companies House.
- This email appears to come from the senders “Companies House"; noreply[at]cp-gov.uk – or noreply[at]cpgov.uk.
It is well formatted so it looks quite convincing however, the attached word document contains a malware payload designed to infect victims
computers if they open it.
7. Fake GIO Insurance Email
- If you get this simple looking little email in your inbox, don’t click on the link and open the .doc file it points to.
Although the scammers that sent it tried to make it look like a GIO Insurance notification, the sole purpose of this message is to deliver
The .doc file contains hidden code that will deliver malicious software to the victim’s computer in the background, without their
There are 2 different sender display addresses associated with this attack:
- “From: GIO Insurance email@example.com”
- “From: GIO Insurance firstname.lastname@example.org”
- Checking the sender addresses on scam messages like this one is one way to help identify that they are fakes.