Surety IT Security Alert – June 2018 Part 1

Share on facebook
Share on twitter
Share on linkedin
Share on pocket

Surety IT provides a monthly alert of the scams impacting Australian businesses including phishing scams, malware attacks and security
breaches/bugs.

You need to be particularly aware of  –

1. E-Toll fake receipt notification


  • The scam uses a simple message that tells the recipient that your payment was successful.
  • The receipt is supposedly attached.
  • Victims  who download the linked file are unwittingly downloading malware to their computer.
  • The message comes from a variety of senders, including – 
  •  “E-Toll (6050834)” Bill@jotbill.com
  •    “Motorway Team (4828291)” steadfast@firstbaptistmaysville.com
  •    “Motorway Team (6059975)” rhondatodd@dpricemd.com
  •    “E-Toll (8990155)” info@mrlimodenver.com
  •    “E-Toll (3133462)” jake@abbottsplace.com
  •    “E-Toll (8213460)” carlos@cmvtransportation.com
  •    “Motorway Team (4940160)” andreas@lct-asia.com
  •    “Motorway Team (1012449)” kevin@boatcarpet.com
  •    “E-Toll (4424201)” bonnie@bandbschnauzers.com
  •    “Motorway Team (1403962)” rvintinner9801@fastemailsystems.com
  •    “E-Toll (6508878)” general@nextgenerationsurfaces.com
  •    “E-Toll (8615796)” bengt.o.lundgren@bjarenet.com
  •    “E-Toll (6087315)” don@donbent.com

2. Fake ATO email alert


  • A new phishing scam has been detected that uses the subject "ATO Warning Document Received".
  • This scam message states "we noticed unlawful fillings (sic) & tax evasion on your previous tax return…To avoid legal action,
    see the link below to view and sign your document"
  • The link in the message actually takes victims of this scam to a phishing website, where they are asked to enter their email address and
    password.
  • Email addresses and passwords captured by this scam will be used to defraud victims.


  • The  senders associated with this email scam are:
  • Jessica Lynn – jlynn@morningstarcfs.org
  • Paul Smart – paulsmart@live.com.au
  • rachael – rachael-alyse@hotmail.com
  • steve schutze – steve_schutze@hotmail.com


3. Brand-jack of OneDrive

  • A new scam has been detected that claims to be from OneDrive and is associated with several sender email accounts including:
  • alison_cody@mckinnonbasketball.org
  • craig@selectinsurance.com.au
  • pierre.mars@cap-xx.com

  • The email tells recipients that there is a "document received via OneDrive" and they should click on a link to "review
    document".
  • The link takes the victim to a phishing page where the victim is asked to submit their login details.
  • This scam is used to harvest victim details that can be used in identity theft and fraud.


4. Fake MYOB Branding

  • The email in the screenshot above is a scam message using MYOB branding to deceive victims into giving up their Microsoft login details.
  • This scam uses a fake MYOB email which asks the victim "To view your Remittance Advice"
  • There is also a grammar error in the next sentence – "You are require to Login….."
  • If the link is clicked on it will open a web page similar to the one shown below.

  • This scam is used to harvest victim details that can be used in identity theft and fraud.


5. Fake Invoices

  • There is a new scam based on fake invoice notifications, as shown above.
  • The message encourages recipients to download and open a "receipt" but the documents in these messages are infected with malware.
  • The  messages originate from a variety of senders and use a ranges of different names but all have links to malware.

 
If you’d like any further information, assistance with your cyber security or you don’t know where to start please call us on  
1300
478 738
 or
email us at 
info@suretyit.com.au.

About the author:

Geoff Stewart

Geoff Stewart

Geoff Stewart is a highly experienced and skilled IT Challenger at Surety IT. His knowledge is based on years of industry experience having created customised, stable, well performing systems both for multi-national companies in the UK and Australia and Surety IT customers.

Surety IT’s mission is to address and overcome the 4 biggest problems businesses have with their IT systems and support which are: poorly performing systems, unreliable systems, unresponsive IT support and poor IT related advice.

We’ve developed a proprietary process that allows us to do that by: thoroughly understanding your business requirements, gaining an in-depth knowledge of your IT systems, identifying mission critical technology issues vital to your business performance and ensuring our ‘Solution Path’ process is specifically designed and tailored for you with value based solutions and support.

Give us a call or send us a message on our contact page to find out more about how we go about achieving these outcomes.

Scroll to Top