Surety IT Security and Scam Alert - January 2018

Surety IT provides a monthly alert of the scams impacting Australian businesses including phishing scams, malware attacks and security breaches/bugs.

During January, you need to be particularly aware of the -

1. Meltdown and Spectre

These exploit critical vulnerabilities in modern processors basically allowing programs to steal data which is currently being processed on the computer.  This data might include passwords, personal information, emails and business critical documents.

Basically every desktop, laptop and mobile device as well as the equipment running cloud services is impacted by these exploits.  Manufacturers and software providers are already releasing patches which should be applied as soon as possible.

The potential downside of installing the patches is that device performance could be impacted.


2. Fake ASIC Email



  • The email is in simple plain text  but has a .doc attachment that contains malicious code.
  • Although the message is supposed to be from ASIC - asic.gov.au - the sender domain is actually asicau.com which was a new domain registered in China recently.

3. Fake MYOB Invoice



  • The emails are authentic looking and the subject line shows a variation of 'Invoice TX107350 from Tax Store Australia'.
  • The message requests the recipient to click on the 'view invoice' link.  This link points to a file which contains malicious code.
  • The sender address is myobcenter.com which is a newly registered domain in China.

4. Fake Suncorp Insurance Documents



  • The message shows the sender as 'SunCorp Insurance' or 'Health Insurance' but the emails actually come from a compromised MailChimp account.
  • The recipient is requested to download insurance documents but links to a file which contains malicious code.

5. CPA Australia Brand Hijacked


  

  • The email is in simple plain text  but has a .doc attachment that contains malicious code.
  • Although the message is supposed to be from CPA Australia - the sender domain is actually cpaaustraliaa.com which was a new domain registered in China recently.

6. Fake CBRE Email



  • The email contains a download link supposedly for a PDF document scanned by a Xerox MFP. 
  • The link actually goes to a website that is designed to obtain the recipient's Microsoft login details.
  • Although the message is supposed to be from CBRE - the sender domain is actually from htran.com.au.

7. Fake AGL Disconnection Notice


  • The email is very convincing.  The design is well done and it looks like a genuine AGL email communication.
  • The sender address looks authentic - aglenergyonline.com but is actually a new domain set up in China recently
  • The email creates a sense of urgency for the recipient and is intended for the recipient to feel pressure and click on the link.
  • If the link is clicked on, it will install malicious software onto the recipient's computer.

8. Fake Netflix Payment Declined Email



  • The email is very convincing.  The design is well done and contains Netflix logos.
  • The sender address is not authentic though and doesn't come from a Netflix domain,
  • The email creates a sense of urgency for the recipient and is intended for the recipient to feel pressure and click on the link.
  • If the link is clicked on, it will link to a phishing website with fake Netflix branding designed to harvest legitimate credit card numbers.


If you'd like any further information, assistance with your cyber security or you don't know where to start please call us on  1300 478 738 or email us at  info@suretyit.com.au.



About the Author

Geoff Stewart is a highly experienced and skilled Technology Director at Surety IT. His knowledge is based on years of industry experience having created customised, stable, well performing systems both for multi-national companies in the UK and Australia and Surety IT customers.

Surety IT can help you create the right system to enhance your business, ensuring you know how it is right for you and how to use it. We will tailor a solution to suit your needs with leading systems, local support and more, building your vision for a more flexible and capable business.

Call us today on 1300 478 738 or email info@suretyit.com.au to discuss your requirements.