Surety IT provides a monthly alert of the scams impacting Australian businesses including phishing scams, malware attacks and security
You need to be particularly aware of –
1. Fake infringement notice
- These scam messages are coming from a wide variety of email accounts, including –
- Jody Charles: email@example.com
- Aidan Murphy: firstname.lastname@example.org
- Billy Campbell: email@example.com
- Jenson Roberts: firstname.lastname@example.org
- Logan Saunders: email@example.com
- Billy Campbell: firstname.lastname@example.org
- Jacob Parry: email@example.com
- Stephen Oliver: firstname.lastname@example.org
- Hayden Reynolds: email@example.com
- Jenson Roberts: firstname.lastname@example.org
- Derrick Jackson: email@example.com
- Paxton Dunlap: firstname.lastname@example.org
- Ben Moore: email@example.com
- Cyrus Weber: firstname.lastname@example.org
- Ethan Anderson: email@example.com
- There are several variations of the email with different amounts and office names
- If the link in the email is clicked on it downloads malware to a victims computer
2. Login data scam
- A new phishing scam has been detected that tries to harvest a victim’s login details.
- If the link in the email is clicked on, it points to a fake email login page asking for the victim’s login data.
- Information harvested in this scam is used to defraud victims.
3. New MYOB brand-jacking scam
- A new scam has been detected that shows MYOB branding and is supposedly a document notification email.
- The attached file contains malware that will infect a victim’s computer.
4. Quote request scam
- The email in the screenshot above is a scam message and is meant to look like a quote request.
- There are several grammar errors in the email.
- If the attachment is clicked on, it will install malware on the victim’s computer.
5. One Drive brand-jacking
- There is a new scam that tries to harvest victim’s Office 365 credentials.
- If the victim clicks on the "Check Pay Doc" link they are directed to a fake Office 365 login page.
- If the victim then enters their credentials into the login page, their details are harvested and used to defraud them.