Surety IT Security Alert – October 2018

Share on facebook
Share on twitter
Share on linkedin
Share on pocket

Surety IT provides a monthly alert of the scams impacting Australian businesses including phishing scams, malware attacks and security
breaches/bugs.

You need to be particularly aware of  –

1. DocuSign 

  • A new phishing scam has been detected that looks like it has been sent by DocuSign disguised as a credit card or loan application.

  • The email requests recipients to ‘Review your document’ and click the ‘Sign your file here’ link. 
  • The link in the message takes the victim to a malicious "Invoice.doc" hosted on GoogleDrive.
  • Sender(s) of the scam appear to be random.

2. MYOB  

  • A new phishing scam has been detected that has brand-jacked MYOB.
  • The emails claim to be from HMS Group Pty Limited which may belong to legitimate UK based businesses. 
  • Well-formatted and looking like legitimate invoices from MYOB; this phishing email hopes that the victim clicks on the ‘View Invoice’ link
    providing a malicious payload.


3. Invoice and eFax Scam

  • A new scam has been detected that claims to be from E-Fax, PP Sign Management or Sign Management.
  • If a victim clicks on the invoice or efax link, they are directed to a compromised host that delivers a malicious archive file containing a
    Javascript file


4. Admin Center 

  • This new scam email claims that your mailbox has failed to sync in attempt to steal account credentials. 
  • Sent from ‘Admin Center’ with various subjects in the email – ‘Incoming Mails were returned’ or ‘6 incoming emails were returned’

  • There is a link in the email that directs victims to a fake but very real landing page for Office 365, where the login credentials are
    requested.


 5. Office 365 Brandjacking

  • A new scam has been detected that claims to be from Office 365 advising that there is an error in their incoming message. 

  • If a victim clicks the ‘Preview Mailbox’ link, they are directed to a fake Office 365 portal.
  • Check the sender of the email before clicking any links to determine if it is a legitimate email from Office 365
  • If the link is clicked, the scammers have the victims legitimate credentials to then use themselves. 

6. MailChimp

  • A new scam has been detected claiming to be from Mancer Corp Pty Ltd
  • Consists of a ‘Suspension Notice’ advising recipients that payment for services provided has not been received and that services will be
    suspended if not paid immediately. 

  • Second  variant of the email informs the recipient that they have a new tax invoice. 

  • If victims click the ‘View Invoice’ or ‘View Attached Tax Invoice’ link, they are directed to a malicious .doc file download.


If you’d like any further information, assistance with your cyber security or you don’t know where to start
please call us on 1300 478 738
 or
email us at 
info@suretyit.com.au.

About the author:

Geoff Stewart

Geoff Stewart

Geoff Stewart is a highly experienced and skilled IT Challenger at Surety IT. His knowledge is based on years of industry experience having created customised, stable, well performing systems both for multi-national companies in the UK and Australia and Surety IT customers.

Surety IT’s mission is to address and overcome the 4 biggest problems businesses have with their IT systems and support which are: poorly performing systems, unreliable systems, unresponsive IT support and poor IT related advice.

We’ve developed a proprietary process that allows us to do that by: thoroughly understanding your business requirements, gaining an in-depth knowledge of your IT systems, identifying mission critical technology issues vital to your business performance and ensuring our ‘Solution Path’ process is specifically designed and tailored for you with value based solutions and support.

Give us a call or send us a message on our contact page to find out more about how we go about achieving these outcomes.

Scroll to Top