Surety IT provides a monthly alert of the scams impacting Australian businesses, including phishing scams, malware attacks and security
breaches/bugs.
You need to be particularly aware of –
1. DocuSign
- A new phishing scam has been detected that looks like it has been sent by DocuSign disguised as a credit card or loan application.
- The email requests recipients to ‘Review your document’ and click the ‘Sign your file here’ link.
- The link in the message takes the victim to a malicious “Invoice.doc” hosted on Google Drive.
- Sender(s) of the scam appear to be random.
2. MYOB
- A new phishing scam has been detected that has brand-jacked MYOB.
- The emails claim to be from HMS Group Pty Limited, which may belong to legitimate UK-based businesses.
- The emails are well formatted and look like legitimate invoices from MYOB; the scam relies on the victim clicking the ‘View Invoice’ link,
which delivers a malicious payload.
3. Invoice and eFax Scam
- A new scam has been detected that claims to be from E-Fax, PP Sign Management or Sign Management.
- If a victim clicks on the invoice or eFax link, they are directed to a compromised host that delivers a malicious archive file containing a
JavaScript file.
4. Admin Center
- This new scam email claims that your mailbox has failed to sync, in an attempt to steal account credentials.
- Sent from ‘Admin Center’ with various subjects in the email – ‘Incoming Mails were returned’ or ‘6 incoming emails were returned’
- There is a link in the email that directs victims to a fake but very realistic-looking landing page for Office 365, where the login credentials are
requested.
5. Office 365 Brandjacking
- A new scam has been detected that claims to be from Office 365 advising that there is an error in their incoming message.
- If a victim clicks the ‘Preview Mailbox’ link, they are directed to a fake Office 365 portal.
- Check the sender of the email before clicking any links to determine if it is a legitimate email from Office 365
- If the link is clicked, the scammers have the victim's legitimate credentials to then use themselves.
6. MailChimp
- A new scam has been detected claiming to be from Mancer Corp Pty Ltd
- Consists of a ‘Suspension Notice’ advising recipients that payment for services provided has not been received and that services will be
suspended if not paid immediately.
- Second variant of the email informs the recipient that they have a new tax invoice.
- If victims click the ‘View Invoice’ or ‘View Attached Tax Invoice’ link, they are directed to a malicious .doc file download.
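
The advice in item 5 to check the sender before clicking can be automated as a mail triage rule. The sketch below is an added example, not Surety IT's tooling: it flags a message when the display name claims a brand but the sending domain does not match, when it contains the link text or subject lines quoted above, or when it links to a document, archive or script file. The brand-to-domain table, the `.zip` archive type and the sample messages are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Link text and subject lines quoted in the alerts above.
LURES = ["review your document", "sign your file here", "view invoice",
         "view attached tax invoice", "preview mailbox",
         "incoming mails were returned", "incoming emails were returned"]
# ASSUMPTION: domains each impersonated brand really sends from; confirm
# against your own legitimate mail before relying on this table.
BRAND_DOMAINS = {"docusign": ("docusign.com", "docusign.net"),
                 "myob": ("myob.com",),
                 "office 365": ("microsoft.com", "office.com"),
                 "admin center": ("microsoft.com", "office.com")}
# Links ending in .doc/.docx, an archive (.zip assumed) or a .js script.
RISKY_LINK = re.compile(r"https?://\S+\.(?:doc|docx|zip|js)\b", re.I)


def triage(raw):
    """Return the reasons a raw RFC 5322 message resembles these scams."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    body = " ".join((p.get_payload(decode=True) or b"").decode("utf-8", "replace")
                    for p in msg.walk() if not p.is_multipart())
    text = (msg.get("Subject", "") + " " + body).lower()
    reasons = []
    for brand, domains in BRAND_DOMAINS.items():
        ok = any(domain == d or domain.endswith("." + d) for d in domains)
        if brand in display.lower() and not ok:
            reasons.append("brand_mismatch:" + brand)
    reasons += ["lure:" + phrase for phrase in LURES if phrase in text]
    if RISKY_LINK.search(body):
        reasons.append("risky_link")
    return reasons


# Constructed sample messages (not real scam emails).
SAMPLE_PHISH = ('From: "DocuSign" <billing@mail.example>\n'
                "Subject: Review your document\n\n"
                "Sign your file here: https://files.example/Invoice.doc\n")
SAMPLE_LEGIT = ('From: "DocuSign" <dse@docusign.net>\n'
                "Subject: Completed: contract\n\n"
                "Your envelope is complete.\n")

if __name__ == "__main__":
    print(triage(SAMPLE_PHISH))
    print(triage(SAMPLE_LEGIT))
```

A file shared from a cloud storage service will not end in `.doc` in its URL, so the link check is a supplement to the sender and lure checks rather than a replacement for them.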