Surety IT Security Alert – April 2019

Surety IT provides a monthly alert of the scams impacting Australian businesses including phishing scams, malware attacks and security
breaches/bugs.

You need to be particularly aware of –

1. ATO

  • In this latest phishing scam, the ATO has been targeted in yet another variation of scams distributed by cybercriminals over many
    years.
  • Email is sent using display name ‘Shipments in transit’ and is from a compromised account.
  • Formatted in plain-text, the email begins with ‘Dear sir’ and requests recipients contact the ATO

  • Directed to the attached ‘Tax Documents’, the link within the PDF leads to a phishing page with an ATO logo tiled background.
  • Once on this page, victims are requested to sign in with their email and password, they then are redirected to the Yahoo! login page.

 


2. Netflix

  • In yet another scam targeting Netflix, this latest phishing scam contains several red flags including grammatical, spelling and spacing
    errors throughout the email.
  • Using special characters to obscure the display name of ‘Netflix’ and sent from a compromised account, this scam advises recipients that
    they are supposedly facing ‘some trouble’ with ‘billing information’.
  • Recipients are then directed to update their ‘MASTERCARD’ payment details by clicking on the ‘Update Account Now’ button.
  • Those who click are led to a phishing site page hosted on Blogspot which has since been taken down and is no longer being displayed.

 


3. Xero

  • Spoofed in yet another scam, cyber criminals are sending hoax invoice notifications purporting to be from Xero.
  • Sent from the domain ‘@post.xero.com’, the email advises recipients that their Xero invoice is ready and the amount will be debited from
    their credit card on or after ’23 Oct 2018′
  • Those who click on the INV link are led to what is currently showing as a blank page but is suspected to serve a malicious file
    download.
  • The red flag in this scam is that the real Xero invoices using a PDF attachment rather than a link to an external website.

 


4. Optus

  • Optus have once again been targets of cyber crime.
  • In this latest scam and appearing in several variations using the domain ‘optusnet.com.au’, this one is designed to result in running a
    malicious .vbs file.
  • In the first example, sent in plain text format, the scam advises recipients that their ‘Public Question/Statement Time Request Form’ is
    attached.
  • The email body claims the copy is attached as a ‘MS Wd’ as the form made the font very small; however the attached is a password protected
    ZIP archive and if accessed using the password in the email, contains a malicious VBS file.

 

 

  • The second example states that it is for a Federal Police Check and asks the recipient to review it.
  • The body of the email advises that their application is attached; however no files are attached to the email. Instead the words ‘attached
    application’ and ‘your application’ are linked to a .zip file download which contains the malicious VBS file.

.


5. Invoice2Go

  • In this latest scam, cyber criminals are sending hoax invoice notifications purporting to be from the popular invoicing app, Invoice2Go.
  • Sent by one of several compromised accounts, the display name ‘Invoice2go’ is used and advises recipients that their ‘invoice has not been
    opened yet’ and includes a link to view the invoice.
  • Currently leading to a blank page, it has been discovered in some cases that the link triggers a download of a malicious file.
  • Looking quite convincing due to the inclusions of Invoice2Go’s branding and  logo, the usage of the subject ‘unopened invoice’ also
    creates a sense of mystery and urgency prompting the recipient to view the invoice.

 


If you’d like any further information, assistance with your cyber security or you don’t know where to start please call us on  1300
478 738

or email us at  info@suretyit.com.au.

Contact Us

Name(Required)
This field is for validation purposes and should be left unchanged.

Find out how we can help with your IT challenges.

About the author:

Picture of Ash Klemm

Ash Klemm

Ash has over 20 years of experience in sales and marketing. His journey from a casual salesperson at Chandlers to State Manager at a national IT distribution company, while battling health issues, including a double lung transplant in 2015, gave him the experience, know-how, tenacity, and marketing insight, to find solutions and help businesses grow. After spending several years in the ivory tower of state management, Ash missed the genuine connection of face to face meetings and helping make a difference to businesses in need. His authentic, conversational, and easy-going nature helps our customers feel at ease and shows them we are a brand to trust. Ash spends his days advocating for our customers to ensure they receive the best possible service in a timely fashion. Ash is also the in house chair builder. His curiosity and natural problem-solving ability make him the perfect first call for all our new customers to help determine what is wrong, how Surety IT can help and what the best solutions are moving forward.
Scroll to Top