Surety IT Security and Scam Alert - June 2018 Part 2

Surety IT provides a monthly alert of the scams impacting Australian businesses including phishing scams, malware attacks and security breaches/bugs.

You need to be particularly aware of  -

1. Fake infringement notice



  • These scam messages are coming from a wide variety of email accounts, including - 


  • Jody Charles: nick@blackbyte.co.uk
  • Aidan Murphy: doris@vogelcity.de
  • Billy Campbell: info@best-media-consult.de
  • Jenson Roberts: info@werbung-verlag-event.de
  • Logan Saunders: laurabi@valdoallianzbank.it
  • Billy Campbell: susan@dance-a-cross.com
  • Jacob Parry: giuseppetulone@a4graphicsdesign.it
  • Stephen Oliver: kenneth@kmglaw.co.uk
  • Hayden Reynolds: sabina@i2000net.it
  • Jenson Roberts: jonas@boutter.de
  • Derrick Jackson: otgonsuren@monmap.mn
  • Paxton Dunlap: mail@ueberfuhr.de
  • Ben Moore: contactus@lavernlingerie.com
  • Cyrus Weber: davtheor@reliable-mail.com
  • Ethan Anderson: alankar@sawai.in


  • There are several variations of the email with different amounts and office names
  • If the link in the email is clicked on it downloads malware to a victims computer

2. Login data scam



  • A new phishing scam has been detected that tries to harvest a victim's login details.
  • If the link in the email is clicked on, it points to a fake email login page asking for the victim's login data.
  • Information harvested in this scam is used to defraud victims.

3. New MYOB brand-jacking scam



  • A new scam has been detected that shows MYOB branding and is supposedly a document notification email.
  • The attached file contains malware that will infect a victim's computer.


4. Quote request scam



  • The email in the screenshot above is a scam message and is meant to look like a quote request.
  • There are several grammar errors in the email.
  • If the attachment is clicked on, it will install malware on the victim's computer.

5. One Drive brand-jacking



  • There is a new scam that tries to harvest victim's Office 365 credentials.
  • If the victim clicks on the "Check Pay Doc" link they are directed to a fake Office 365 login page.
  • If the victim then enters their credentials into the login page, their details are harvested and used to defraud them.

 
If you'd like any further information, assistance with your cyber security or you don't know where to start please call us on  
1300 478 738 or email us at 
info@suretyit.com.au.


About the Author


Geoff Stewart is a highly experienced and skilled Technology Director at Surety IT. His knowledge is based on years of industry experience having created customised, stable, well performing systems both for multi-national companies in the UK and Australia and Surety IT customers.

Surety IT can help you create the right system to enhance your business, ensuring you know how it is right for you and how to use it. We will tailor a solution to suit your needs with leading systems, local support and more, building your vision for a more flexible and capable business. Call us today on 1300 478 738 or email
info@suretyit.com.au to discuss your requirements.

Tweet