Surety IT Security Alert – May 2019

Surety IT provides a monthly alert of the scams impacting Australian businesses including phishing scams, malware attacks and security

You need to be particularly aware of –

1. USD Wire Transfer

  • Simple emails claiming to contain a payment confirmation are arriving into inboxes



  • The attachment contains a malicious payload when opened.
  • A variant of the same email has also been detected with a new email subject line and refers to a ‘Payment Transfer Receipt’.



2. Box Email

  • Popular cloud-based file sharing & collaboration platform for business, Box, is the subject of this latest brandjacking scam.
  • Whilst the emails are well formatted and accurately represent the brand, they are in fact being sent by cyber criminals.



  • If clicked, the download contains a link to a phishing site that has been designed to harvest user information and passwords.

3. Optus

  • Cyber criminals have once again brand jacked Optus
  • Using the display name ‘Optus’, the emails claim to be an Optus bill notification and contain an account number, bill amount and a due
  • Containing several links that lead to a suspicious website, the emails inform recipients that there is a new account number and changes to
    the bill layout including how GST is displayed.


  • Cyber criminals have used several techniques to boost the authenticity of the emails, including incorporating the brand and logo of Optus
    whilst also providing users bill amounts from previous months.

4. Microsoft Exchange

  • Cyber criminals are impersonating Microsoft Exchange by sending simple plain-text emails with the subject ‘Technical Support’
  • Recipients are being requested to validate their Microsoft Exchange Outlook account as a ‘misuse’ of their account has been
  • The email also threatens account inactivation if not validated within 48 hours.


  • Should the link in the email be clicked, recipients are led to a suspicious website designed to harvest confidential user information.



5. Incoming Messages Blocked

  • Using multiple variations and using a display name of “Mail Service”, this email has actually been sent from one of several
    compromised accounts and is designed to harvest confidential information of users.
  • Advises recipients that their incoming messages are being ‘blocked’ due to a problem.
  • To retrieve the messages, recipients are encouraged to click on a link titled ‘view your email quarantine’ and ‘release to inbox’
  • Displayed in a table, all emails that have been quarantined are listed with a subject and what was supposed to be the date but is
    displaying as %DATE%.
  • Multiple links are included in the email. ‘Releahe’ links do not lead to a valid page; whilst the ‘your email quarantine’ and ‘open all
    messages’ lead to a compromised website which hosts a phishing page.

Contact Us

This field is for validation purposes and should be left unchanged.

Find out how we can help with your IT challenges.

About the author:

Picture of Ash Klemm

Ash Klemm

Ash has over 20 years of experience in sales and marketing. His journey from a casual salesperson at Chandlers to State Manager at a national IT distribution company, while battling health issues, including a double lung transplant in 2015, gave him the experience, know-how, tenacity, and marketing insight, to find solutions and help businesses grow. After spending several years in the ivory tower of state management, Ash missed the genuine connection of face to face meetings and helping make a difference to businesses in need. His authentic, conversational, and easy-going nature helps our customers feel at ease and shows them we are a brand to trust. Ash spends his days advocating for our customers to ensure they receive the best possible service in a timely fashion. Ash is also the in house chair builder. His curiosity and natural problem-solving ability make him the perfect first call for all our new customers to help determine what is wrong, how Surety IT can help and what the best solutions are moving forward.
Scroll to Top