Surety IT Security and Scam Alert - April 2018

Surety IT provides a monthly alert of the scams impacting Australian businesses including phishing scams, malware attacks and security breaches/bugs.

You need to be particularly aware of  -

1. Netflix Phishing Email Scam

  • A new Netflix email scam tells the recipient that Netflix ‘failed to validate’ their payment and that they need to log into their Netflix account to ‘verify’ their ‘billing and payment details’.
  • The message warns the recipient that ‘failure to complete the validation process’ will result in their Netflix account being cancelled.
  • If the victim does click on the ‘verification’ link in the email they are taken to a phishing website set up to look like a real Netflix login page
  • The fake login page will collect the victim’s email address and Netflix password and then send them to a page that harvests their credit card details including 3 digit security code and expiry date for possible theft or fraud.

2. Fake Origin Email

  • An email scam has been detected using fake Origin branding to make it look like an electricity bill notification.
  • As you can see in the screenshot above, this is a well-designed scam message.
  • The email contains a “view bill” link button and it is suspected that this email links to a malicious virus download of some sort.

3. Docusign Brandjacking Scam

  • There’s a cunning, well-designed email scam hitting inboxes today that’s imitating a Docusign notification message.
  • In the screenshot above you can see that the message tells the recipient 'Please DocuSign the attached Business Activity Statements' and contains a ‘review document’ link button.
  • Clicking on the link would take the victim of this scam to a malicious website which might download a file containing a virus or harvest their personal data.

  • 4. Fake Xero Email

  • A new email scam is exploiting Xero’s trademark to try and gain the trust of potential victims.
  • In the screenshot above you can see that these scam messages are meant to look like invoice notifications sent through the Xero accounting platform.  
  • The objective of this email is to get the recipient to click on a link that will direct them to a hidden JavaScript malware file.
  • Malware linked scams like this usually install viruses or spyware onto victims computers when they open innocent looking attachments or click
  • 5. Fake GoVia Email 

    • An email scam has been detected impersonating Go Via designed to look like a real Go Via statement notification, with logo branding, etc.
    • The message contains malicious links that point to compromised websites intended to harvest the personal data of victims.
    • Although the email accounts sending this message are not related to Go Via, the scammers who designed this attack have masked the sender email so it appears as ‘go via’ in the ‘from’ field.
    • Please keep an eye out for this email scam and delete this message if it shows up in your inbox.

    If you'd like any further information, assistance with your cyber security or you don't know where to start please call us on  1300 478 738 or email us at

    About the Author

    Geoff Stewart is a highly experienced and skilled Technology Director at Surety IT. His knowledge is based on years of industry experience having created customised, stable, well performing systems both for multi-national companies in the UK and Australia and Surety IT customers.

    Surety IT can help you create the right system to enhance your business, ensuring you know how it is right for you and how to use it. We will tailor a solution to suit your needs with leading systems, local support and more, building your vision for a more flexible and capable business.

    Call us today on 1300 478 738 or email to discuss your requirements.