Fake toll tickets drive malware to Queensland inboxes

Fake toll tickets drive malware to Queensland inboxes

go via brand hijacked in fresh malware wave

A fake malware-loaded email purporting to be from Queensland toll payment provider, go via, is hitting inboxes across the state.

The counterfeit toll statement notice email started hitting inboxes on a large scale on the morning of 7 August, according to email filtering company, MailGuard, which said the dodgy emails were “realistic-looking”.

According to MailGuard, the email advises that the recipient’s tax invoice is available for download. However, the ‘Download statement’ button hides a malicious JavaScript file.

The domain used in the malicious exploit, do_not_reply@ goviau. Co [altered], was registered in China early on 7 August, the email filtering company said – less than seven hours before the fake invoice began landing in inboxes.

A sample of the dodgy email (MailGuard)
A sample of the dodgy email (MailGuard)

According to MailGuard, tollway invoice fraud is on the rise this year, with go via’s brand being used previously by digital scammers. Meanwhile, a similar exploit attempted impersonating NSW Roads and Maritime Services in June.

In fact, the toll road company’s website offers a security warning about go via-branded email scams.

Go via’s warning comes as the Australian Securities and Investments Commission (ASIC) issues a fresh warning to Australians over scam emails hijacking its own branding.

“Some customers continue to receive emails claiming to be from ASIC, containing attachments or links to fake invoices,” the corporate regulator said in a statement on 7 August.

“These fake emails appear similar to ASIC emails and generally instruct the recipient to click on a link or download an invoice.”

MailGuard revealed in early July that it had seen a massive wave of emails purporting to be from ASIC and loaded with malware start filling inboxes around the country.

The attack began just after the start of the working day on 10 July and quickly escalated to become one of the largest-scale malware deliveries to be identified by MailGuard within the past year, the company said at the time.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags malwarephishingmailguardemailsmaliciousgo via

Brand Post

Show Comments