Surety IT provides a monthly security alert of the scams impacting Australian businesses including phishing scams, malware attacks and security breaches/bugs.
You need to be particularly aware of:
Australian Taxation Office Spoofed
- This latest spoofing email is yet another variation of the ATO scams distributed over the years.
- The emails use a display name of “ATO” followed by an email address beginning with “admin@”, but the domain used to send these emails does not belong to the ATO.
- The email is titled “ATO (Australian Taxation Office) has shard INV_43189_CO.pdf” and incorporates the Adobe logo.
- Recipients are informed that an amount is owing and “to avoid any interest or penalties”, they should pay the ATO by the deadline.
- If the link is clicked, recipients are led to a phishing page that claims that “this file is protected by Adobe Technology” and requests that login credentials be entered.
- This scam is designed to harvest email login details.
- Red flags include the recipient not being addressed directly, the ‘from’ field in the email not using an ATO domain, and the presence of grammatical errors.
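The ‘from’ field red flag above can be checked automatically. The following is an added example, not part of the original alert: it flags messages whose display name claims the ATO while the sending address sits on another domain. The allow-list, function names and sample headers are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: brand phrase in the display name -> domains that brand sends from.
BRAND_DOMAINS = {
    "ato": {"ato.gov.au"},
    "australian taxation office": {"ato.gov.au"},
}

def normalise(name):
    """Lower-case, strip punctuation, pad with spaces for whole-word matching."""
    return " " + " ".join(re.findall(r"[a-z0-9]+", name.lower())) + " "

def domain_matches(domain, allowed):
    """True if domain is an allowed domain or a subdomain of one."""
    return any(domain == a or domain.endswith("." + a) for a in allowed)

def display_name_spoof(raw_message):
    """Return (brand, sending_domain) when the From display name claims a
    brand but the address is on another domain; otherwise return None."""
    name, address = parseaddr(message_from_string(raw_message).get("From", ""))
    domain = address.rpartition("@")[2].lower() if "@" in address else ""
    padded = normalise(name)
    for brand, allowed in BRAND_DOMAINS.items():
        if f" {brand} " in padded and not domain_matches(domain, allowed):
            return brand, domain
    return None

# Constructed sample headers; every address and sending domain is made up.
SAMPLES = [
    # Display name "ATO", address starting "admin@", non-ATO domain.
    'From: "ATO" <admin@billing-notices.example>\n'
    'Subject: ATO (Australian Taxation Office) has shard INV_43189_CO.pdf\n\nbody',
    # Display name and domain agree: not flagged.
    'From: "ATO" <noreply@ato.gov.au>\nSubject: Notice\n\nbody',
    # "ato" only appears inside another word: not flagged.
    'From: "Tomato Growers" <info@growers.example>\nSubject: News\n\nbody',
    # Lookalike: the real domain used as a prefix of an unrelated domain.
    'From: "Australian Taxation Office" <admin@ato.gov.au.example.net>\n'
    'Subject: Payment due\n\nbody',
]

if __name__ == "__main__":
    for raw in SAMPLES:
        print(display_name_spoof(raw))
```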
Office 365 & Dropbox Spoofed
- The emails use a display name of “Dropbox” and are sent from compromised Dropbox email accounts.
- Contains the Dropbox logo and is designed to look as though it is an official Dropbox notification.
- Recipients are informed that a file titled “PO.PDF” was sent using Dropbox Transfer and that the file will expire within 6 days.
- Those who click on the link are led to a high-quality fake branded Dropbox hosted domain with links to Dropbox support pages. It contains another link to “Download” the PDF, which contains the Office 365 logo.
- Clicking the “Access Document” link leads recipients to a phishing page hosted on Google Docs titled “OneDrive”, where users are told to “sign in” using their email accounts. If they do so, they are advised that the download “has automatically been saved to your OneDrive Folder”.
- The malicious links are contained in the downloaded PDF rather than in the email, a technique used intentionally to bypass email security filters.
- Red flags within this latest scam include the recipient not being addressed directly and the domain within the PDF not belonging to Office 365.
COVID-19 Scams
Scammers continue to use the spread of COVID-19 (coronavirus) to take advantage of people across Australia, with a wide range of scams including phishing scams, superannuation scams, online shopping scams, and scams specifically targeting businesses.
Business Scam example
Scammers are using COVID-19 in business email compromise scams by pretending to be a supplier or business you usually deal with. Scammers are using COVID-19 as an excuse to divert your usual account payments to a different bank account. Your payment goes to the scammer instead of the real business.
If you’d like any further information or assistance with your cyber security, or you don’t know where to start, please call us on 1300 478 738 or email us.