Menu
ASIC and CBA targeted once again as email scams invade Aussie inboxes

ASIC and CBA targeted once again as email scams invade Aussie inboxes

Revealing the phishing scams that landed in local inboxes this week

Another round of email scams have hit Australian inboxes, with hackers targeting the Australian Securities and Investments Commission (ASIC) and CBA during a week of security scares.

After warning customers on 4 October, once again, the ASIC hack was targeting its Registry users, requesting the payment of fees and to provide personal information to renew their business or company name.

"These emails often have a link that provides an invoice with fake payment details or infects your computer with malware if you click the link,” ASIC wrote on its website.

ASIC also reinforced that it will never ask customers via email to make a payment over the phone, to make a payment to receive a refund or for a person’s credit card or bank details directly by email or phone.

Screenshot (ASIC)
Screenshot (ASIC)

Email filtering company MailGuard picked up on the same day another scam, this time impersonating CBA.

MailGuard said both scams were “particularly deceitful as they are so well-crafted, with no grammatical errors and on-brand formatting”.

The domain r-au.com, from which the ASIC scams were sent, was registered yesterday with a China-based registrar. The email links to an archive file containing a malicious JavaScript file.

According to MailGuard, the CBA scam is a simple HTML with no branding or logo, which mimics CBA’s actual email notifications.

The sender display name is CBA Payment, with the display and sending addresses having the aliases payment.com@ and root@, said MailGuard.

In addition, the display and sending addresses were being sent from different hosts to make it more difficult for email filtering services to identify and blacklist.

The email lured customers to click on a link that took them to the phishing page, which was an exact replication of the CBA NetBank login.

“Victims entering their login details are likely to have their credentials scraped,” MailGuard wrote.


Follow Us

Join the newsletter!

Error: Please check your email address.

Tags CBAASICsecurityscamphishing

Show Comments