Email scam hits Australian businesses

Email scam hits Australian businesses

An elaborate email scam is unfolding that is infecting computers with malware. The emails appear to come from the Australian Securities and Investment Commission.

An elaborate email scam is unfolding in Australia that is infecting computers with malware, according to a post on the MailGuard blog.

Speculation is that a stolen ID was used in the scam as emails appear to come from the Australian Securities and Investment Commission (ASIC), but a trace back to the domain revealed the email actually came from a phony domain registered in China.

The email comes loaded with a JavaScript dropper intended to install malware on victims' computer systems, most likely a trojan or ransomware, according to MailGuard's cyber-security researchers.

The message disguises itself as a renewal letter from ASIC, but it arrives not from the legitimate government ASIC site, asic.gov.au, but rather from an austgov.com domain, which was registered in China.

The MailGuard researchers said that as China is strict about domain registration requirements, there's a high chance that a "stolen ID was used by cyber-criminals to set up the scam."

Recipients who are duped by the legitimate appearance of the email and click on the "Renewal letter" link are at risk of inviting malware.

This campaign is not the only instance of email scams circulating in Australia, the researchers stated. A number of other scams, some impersonating MYOB, and the government site myGov, have been circulating in large volumes recently.

ASIC's website offered this advice for avoiding email scams:

  • Keep your anti-virus software up to date
  • Be wary of emails that don't address you by name or misspell your details and have unknown attachments
  • Don't click any links on a suspicious email.

This article originally appeared at scmagazineuk.com

Source: Copyright © SC Magazine, UK edition

 
 

Readers of this article also read...

WannaCry not first to exploit NSA EternalBlue, DoublePulsar malware 

WannaCry not first to exploit NSA EternalBlue, DoublePulsar malware

 
Bill Gates’ advice to a new generation of students 

Bill Gates’ advice to a new generation of students

 
7 of the best 404s to make broken web pages less sad 

7 of the best 404s to make broken web pages less sad

 
Android O will enable more regular patching 

Android O will enable more regular patching

 
After ‘WannaCrypt’, should governments stockpile software vulnerabilities? 

After ‘WannaCrypt’, should governments stockpile software vulnerabilities?

 

Latest Comments

From our Partners

PC & Tech Authority Downloads