Surety IT Security and Scam Alert - December 2018
Surety IT provides a monthly alert of the scams impacting Australian businesses including phishing scams, malware attacks and security breaches/bugs.
You need to be particularly aware of -
- A new phishing scam has been detected that claims to be from National Australia Bank
- Appearing without a display name, the forged email address used is actually one that NAB have to send legitimate emails to customers.
- Informs recipients that there online banking account has been locked
- The link in the email directs recipients to log into their account and takes them to a poorly designed copy of the NAB login page
- Once on the login page, the victims are asked to input their NAB ID, Internet Banking Password and Telephone Banking Passcode
- Once the 'login' button is clicked, they are redirected to the actual NAB site and the information is captured by the cyber criminals to access the user's confidential data and funds.
- Whilst this email contains the NAB logo, there are a few indicators that this is a scam such as the poorly worded 'please log on click' in the email, the NAB logo on the webpage appears pixelated and also covers the text behind it.
2. Generic Invoice
- A new poorly designed email scam has been detected that leads recipients to a phishing page.
- The email with 2 different subject lines contain grammatical errors - an instant red flag to those conscious of email security.
- Containing no text other than the signature of the compromised account, both emails have a PDF file attached which includes a link to 'view file'.
- If the link is clicked, victims are directed to a fake Office 365 page which requests the users email address and password to view the file.
3. Virtual HQ
- A new scam has been detected that claims to be an invoice from Virtual HQ
- Incorporating Virtual HQ's branding, the email uses a display name of 'Virtual Headquarters' and includes a compromised email address as its sending address.
- Those who click on the link contained in the email are led to a blank page that is suspected to lead to a phishing page or a malicious file download.
- A new scam has been detected that has brandjacked Commonwealth Bank.
- Sent using a display name of 'CommBank', this email comes from a compromised email account that belongs to a Research Institute in Sweden.
- Simple and short, the email advises recipients that errors have been found on their account details.
- Encouraging Users to confirm there profile details by clicking on a link, they are also advised that if they don't confirm their details, they may have their access locked out.
- Led to an CommBank branded phishing page, victims are tricked into revealing their bank account details which includes being asked to generate and enter a NetCode.
- When the NetCode is entered, it fails the first time and once entered a second time, the user is redirected to the CommBank website.
5. Microsoft Scam
- Sent using a display name of 'Microsoft Message Delivery Failure' and with a message stating it's from a Microsoft Trusted Source, this scam comes from a compromised email account
- Claiming to be an error notification, it encourages users to click multiple malicious links
About the Author
Geoff Stewart is a highly experienced and skilled Technology Director at Surety IT. His knowledge is based on years of industry experience having created customised, stable, well performing systems both for multi-national companies in the UK and Australia and Surety IT customers.
Surety IT can help you create the right system to enhance your business, ensuring you know how it is right for you and how to use it. We will tailor a solution to suit your needs with leading systems, local support and more, building your vision for a more flexible and capable business. Call us today on 1300 478 738 or email firstname.lastname@example.org to discuss your requirements.