Surety IT Security Alert – June 2020

Surety IT provides a monthly security alert of the scams impacting Australian businesses including phishing scams, malware attacks and security breaches/bugs.

You need to be particularly aware of:

1. Fraudulent Emails using Excel attachments

  • Sent with no subject or text in the email body, this fraudulent email uses a malicious payload disguised as a Microsoft Excel attachment.
  • Originates from a large number of different email address, likely to be compromised accounts.
  • Once recipients enable macros/ additional content to be run, the malicious code is executed.

Fraud June 2020

2. DHL Spoofed

  • Purports to be from DHL, titled “DHL Shipment Thursday, June 11, 2020 & includes the recipients email address in the “from” field.
  • Sent from a compromised email account, it informs recipients that “the courier” is unable to send a package that “arrived today”
  • Requests confirmation of tracking number via a link which leads to a DHL branded phishing page.
  • Should the link be clicked, personal details are requested, such as full name, address & phone number and upon submission, recipients are advised that an error has occurred and they are redirected to the actual DHL website.

DHL Spoof

3. Qantas Spoofed: “Coronavirus Relief  Bonus”

  • Titled “Your Coronavirus Relief Bonus is about to expire”, originates from several email addresses belonging to different domains and uses multiple display names.
  • Containing Qantas logo and branding within the body of the email, recipients are provided with a button to login and claim the bonus.
  • The button directs recipients to a phishing page that appears as a Qantas Frequent Flyer login page.
  • Personal details such as membership number, last name and security PIN are requested and those who provide these details are taken to another page which displays the error “the details do not match our records”.

Qantas Spoof

4. Zoom Video Conferencing Invitation

  • In attempt to obtain confidential information, an email purporting to be from Zoom is hitting inboxes.
  • Sent using a display name of “Zoom Video Communications”, the email is titled “Zoom Video Conferencing invitation Wednesday, May 13, 2020 and originates from multiple randomly generated email addresses hosted on
  • Within the body, the email is directed to the email address displayed in the “to” field and informs recipients that they have received a video conferencing invitation.
  • Upon clicking the button to “review invitation”, the recipient is led to a fake Microsoft-branded login page whereby they are requested to sign in to Zoom with your Microsoft 365 account which is not hosted on either a Zoom or Microsoft domain.
  • Once “logged in”, the recipient receives an error “sign in attempt timeout, verify your password to access Zoom invitation” whereby on submission of the password on a 2nd attempt, recipient is redirected to the legitimate Zoom home page.


5. Microsoft Office 365 Spoofed

  • Microsoft Office 365 have been brand-jacked in an attempt to obtain confidential information.
  • Using the domain of the recipient’s email address as a prefix, the display name also contains the words “Mail Control System”
  • Titled “Extremity Alert Surfaced” followed by a time stamp, the email originates from a single compromised email address and contains Office 365 logo and branding.
  • Those who click on the “View Message” link are redirected to a fake Microsoft Office 365 branded login page which is a phishing page hosted on a domain not belonging to Microsoft.
  • To verify identity, CAPTCHA is required first followed by entry of password which prompts are “wrong password” error message.
  • Upon entering the password a 2nd time, users receive account verification confirmation and are redirected to the authentic Office 365 login page.

Office 365


If you’d like any further information, assistance with your cyber security or you don’t know where to start, please call us on  1300 478 738 or Email us

Contact Us

This field is for validation purposes and should be left unchanged.

Find out how we can help with your IT challenges.

About the author:

Picture of Ash Klemm

Ash Klemm

Ash has over 20 years of experience in sales and marketing. His journey from a casual salesperson at Chandlers to State Manager at a national IT distribution company, while battling health issues, including a double lung transplant in 2015, gave him the experience, know-how, tenacity, and marketing insight, to find solutions and help businesses grow. After spending several years in the ivory tower of state management, Ash missed the genuine connection of face to face meetings and helping make a difference to businesses in need. His authentic, conversational, and easy-going nature helps our customers feel at ease and shows them we are a brand to trust. Ash spends his days advocating for our customers to ensure they receive the best possible service in a timely fashion. Ash is also the in house chair builder. His curiosity and natural problem-solving ability make him the perfect first call for all our new customers to help determine what is wrong, how Surety IT can help and what the best solutions are moving forward.
Scroll to Top