Surety IT Security Alert – September 2018

Share on facebook
Share on twitter
Share on linkedin
Share on pocket

Surety IT provides a monthly alert of the scams impacting Australian businesses including phishing scams, malware attacks and security

You need to be particularly aware of  –

1. NAB Bank Branding Hijacked

  • A new phishing scam has been detected that looks like it has been sent by NAB Bank.
  • It advises the recipient that their account ‘is now locked’.

  • The link in the message takes the victim to a phishing page made to look like a real NAB login portal.
  • The phishing page harvests the personal login information of the victim and forwards them to a second page which collects their credit card
  • To identify the scam,  If you look at the email address of the original email sent, you will see it is not a NAB official

2. St George Bank Email Scam 

  • A new phishing scam has been detected that has brand-jacked St George Bank.
  • This phishing email hopes that the victim clicks on the link which directs them to a fake but convincing St George Bank login page.
  • If the victim inputs their details, the scammers have all the details they need to access the account and take any money in it.

3. Naffco Email Scam

  • A new scam has been detected that claims to be from Naffco.
  • If a victim clicks on the document attachment link they are directed to a malware infected Dropbox File.
  • If clicked, the victim’s computer can be infected with viruses, spyware and crypto-jacking malware. 

4. ANZ Internet Banking Scam

  • This new scam email uses ANZ branding in attempt to steal internet banking credentials and personal details. 
  • There is a link in the email that directs victims to a fake but very real landing page for ANZ internet banking, where customer
    registration number and password is requested. 
  • Once the login credentials are entered, the victim is then asked for their full personal details including drivers license number, mobile
    number, date of birth and full name.


5. Office 365 ‘Failure to Sync’

  • A new scam has been detected that claims to be from Office 365 advising that the email account ‘failed to connect’. 
  • If a victim clicks the ‘Retrieve Messages’ link, they are directed to a fake Office 365 portal.
  • Check the sender of the email before clicking any links to determine if it is a legitimate email from Office 365
  • If
    the link is clicked, the scammers have the victims legitimate credentials to then use themselves. 

you’d like any further information, assistance with your cyber security or you don’t know where to start please call us on 1300 478
email us at

About the author:

Geoff Stewart

Geoff Stewart

Geoff Stewart is a highly experienced and skilled IT Challenger at Surety IT. His knowledge is based on years of industry experience having created customised, stable, well performing systems both for multi-national companies in the UK and Australia and Surety IT customers.

Surety IT’s mission is to address and overcome the 4 biggest problems businesses have with their IT systems and support which are: poorly performing systems, unreliable systems, unresponsive IT support and poor IT related advice.

We’ve developed a proprietary process that allows us to do that by: thoroughly understanding your business requirements, gaining an in-depth knowledge of your IT systems, identifying mission critical technology issues vital to your business performance and ensuring our ‘Solution Path’ process is specifically designed and tailored for you with value based solutions and support.

Give us a call or send us a message on our contact page to find out more about how we go about achieving these outcomes.

Scroll to Top