Surety IT Security Alert – April 2019

Surety IT provides a monthly alert of the scams impacting Australian businesses including phishing scams, malware attacks and security

You need to be particularly aware of –

1. ATO

  • In this latest phishing scam, the ATO has been targeted in yet another variation of scams distributed by cybercriminals over many
  • Email is sent using display name ‘Shipments in transit’ and is from a compromised account. 
  • Formatted in plain-text, the email begins with ‘Dear sir’ and requests recipients contact the ATO

  • Directed to the attached ‘Tax Documents’, the link within the PDF leads to a phishing page with an ATO logo tiled background.
  • Once on this page, victims are asked to sign in with their email and password; they are then redirected to the Yahoo! login page.

2. Netflix

  • In yet another scam targeting Netflix, this latest phishing scam contains several red flags including grammatical, spelling and spacing
    errors throughout the email. 
  • Using special characters to obscure the display name of ‘Netflix’ and sent from a compromised account, this scam advises recipients that
    they are supposedly facing ‘some trouble’ with ‘billing information’.
  • Recipients are then directed to update their ‘MASTERCARD’ payment details by clicking on the ‘Update Account Now’ button. 
  • Those who click are led to a phishing page hosted on Blogspot, which has since been taken down and is no longer being displayed.

3. Xero

  • Spoofed in yet another scam, cyber criminals are sending hoax invoice notifications purporting to be from Xero.
  • Sent from the domain ‘’, the email advises recipients that their Xero invoice is ready and the amount will be debited from
    their credit card on or after ‘23 Oct 2018’.
  • Those who click on the INV link are led to what is currently showing as a blank page but is suspected to serve a malicious file
  • The red flag in this scam is that real Xero invoices use a PDF attachment rather than a link to an external website.

4. Optus

  • Optus have once again been targets of cyber crime. 
  • This latest scam appears in several variations using the domain ‘’ and is designed to get the recipient to run a
    malicious .vbs file.
  • In the first example, sent in plain text format, the scam advises recipients that their ‘Public Question/Statement Time Request Form’ is
  • The email body claims the copy is attached as a ‘MS Wd’ as the form made the font very small; however, the attachment is a
    password-protected ZIP archive which, if opened using the password in the email, contains a malicious VBS file.


  • The second example states that it is for a Federal Police Check and asks the recipient to review it. 
  • The body of the email advises that their application is attached; however no files are attached to the email. Instead the words ‘attached
    application’ and ‘your application’ are linked to a .zip file download which contains the malicious VBS file.
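
A defensive triage check for the delivery method in the two Optus examples above, as an added example that is not part of Surety IT's alert: standard ZIP password protection leaves member file names readable, so a mail gateway or analyst can flag a script inside a protected archive without knowing the password. The extension watch list, the function names and the sample message are assumptions constructed for illustration; the same `zip_findings` check applies to a ZIP fetched from a link.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed watch list of Windows script extensions; the alert names .vbs.
SCRIPT_EXTS = (".vbs", ".vbe", ".js", ".jse", ".wsf", ".hta")

def zip_findings(data: bytes) -> dict:
    """Read only the ZIP central directory: no password, nothing extracted."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        infos = zf.infolist()
    return {
        "encrypted": any(i.flag_bits & 0x1 for i in infos),  # bit 0 = encrypted
        "scripts": [i.filename for i in infos
                    if i.filename.lower().endswith(SCRIPT_EXTS)],
    }

def triage(raw: bytes) -> list:
    """Return (attachment name, encrypted?, script members) per risky ZIP."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    for part in msg.iter_attachments():
        payload = part.get_payload(decode=True) or b""
        if payload.startswith(b"PK\x03\x04"):  # ZIP magic, whatever the name says
            found = zip_findings(payload)
            if found["scripts"]:
                hits.append((part.get_filename(), found["encrypted"], found["scripts"]))
    return hits

def build_sample() -> bytes:
    """Constructed message: harmless ZIP marked encrypted, one .vbs-named member."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Request Form.vbs", "' constructed placeholder, not a script")
    blob = bytearray(buf.getvalue())
    blob[6] |= 0x1                            # local header flag bits
    blob[blob.find(b"PK\x01\x02") + 8] |= 0x1  # central directory flag bits
    msg = EmailMessage()
    msg["From"] = "sender@example.invalid"
    msg["To"] = "staff@example.invalid"
    msg["Subject"] = "Request Form (constructed sample)"
    msg.set_content("The password for the attached file is 1234.")
    msg.add_attachment(bytes(blob), maintype="application", subtype="zip",
                       filename="form.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    print(triage(build_sample()))
```

A protected archive whose listing cannot be read at all (some formats can encrypt file names too) produces no script names here, so it needs its own handling rather than being treated as clean.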


5. Invoice2Go

  • In this latest scam, cyber criminals are sending hoax invoice notifications purporting to be from the popular invoicing app, Invoice2Go.  
  • Sent by one of several compromised accounts, the display name ‘Invoice2go’ is used and advises recipients that their ‘invoice has not been
    opened yet’ and includes a link to view the invoice. 
  • Currently leading to a blank page, it has been discovered in some cases that the link triggers a download of a malicious file. 
  • The email looks quite convincing due to the inclusion of Invoice2Go’s branding and logo, and the subject ‘unopened invoice’
    creates a sense of mystery and urgency, prompting the recipient to view the invoice.

If you’d like any further information, assistance with your cyber security or you don’t know where to start, please call us on 1300 478 738

or email us at

About the author:

Geoff Stewart

Geoff Stewart is a highly experienced and skilled IT Challenger at Surety IT. His knowledge is based on years of industry experience having created customised, stable, well performing systems both for multi-national companies in the UK and Australia and Surety IT customers.

Surety IT’s mission is to address and overcome the 4 biggest problems businesses have with their IT systems and support which are: poorly performing systems, unreliable systems, unresponsive IT support and poor IT related advice.

We’ve developed a proprietary process that allows us to do that by: thoroughly understanding your business requirements, gaining an in-depth knowledge of your IT systems, identifying mission critical technology issues vital to your business performance and ensuring our ‘Solution Path’ process is specifically designed and tailored for you with value based solutions and support.

Give us a call or send us a message on our contact page to find out more about how we go about achieving these outcomes.
