Menu
Scamwatch round-up – St. George and Westpac banks and more

Scamwatch round-up – St. George and Westpac banks and more

The latest round of phishing and malware attacks targeting Australian’s mailboxes

ARN provides a weekly wrap of the phishing scams, malware attacks and security breaches impacting organisations across Australia.

Late last week, a fake St. George Bank alert was picked up in what seemed like an attempt to collect personal identification information from recipients.

Email filtering company, MailGuard, who revealed the scam, said the email asked recipients to click on a link to a fake St. George Bank login page.

By telling recipients that their bank account had been terminated, scammers urged recipients to click on the link.

Unlike the email, which counted only with a sentence and a link and no logos, the fake login page was more convincing.

According to MailGuard the fake login screens asked for card number, security number, internet password, date of birth, driver’s licence number and Medicare number.

Screenshot (MailGuard)
Screenshot (MailGuard)

The week started with a fake MYOB invoice notification purporting to be from craft breweries deals company, Craftedeals.

According to MailGuard, the message contained ‘view invoice’ button that linked to a JavaScript malware file.

“The displayed sender email address is account@craftedeals.com.au - which is the real compromised company email account of Craftedeals,” MailGuard wrote in a blog post.

“The kind of JavaScript malware this message links to can be very harmful, and could have the potential to hijack or disable victim’s computer systems.”

It appeared that Craftedeals email account was being exploited to send out the malicious messages without the company's consent, according to MailGuard.

“Well, we survived our first cyber scam. We are pleased to say that the details of our database were not compromised in any way. Things are back to normal and it is business as usual,” the company alerted customers via its Facebook page.

Screenshot (MailGuard)
Screenshot (MailGuard)

On the same day, a fake Westpac Bank email was picked up by MailGuard in a scam similar to the St. George Bank one, in how it intended to collect recipients’ personal information.

The massage also contained a link to a page that asked for login details.

“The criminals who set up this scam have linked the phishing page to the compromised domain ‘westpac.co.kr’ to try and make it look more convincing,” MailGuard wrote.

Screenshot (MailGuard)
Screenshot (MailGuard)

On 13 February, two types of fake Quickbooks notification were doing the rounds, one acting to be from “We cart online solution”, which appears to be a company established in India in 2016, and another purporting to be from financial services company Proacct Wealth Solutions.

The first scam wanted recipients to click on a link within the message that took them to an archived file containing malware, according to MailGuard.

The second one was different as it took recipients who clicked on the link to a compromised Wordpress domain, which then redirects them to an archived file containing malicious JavaScript code.

Screenshot (MailGuard)
Screenshot (MailGuard)

“The fact that this scam is so superficially similar to the one MailGuard intercepted earlier could indicate that the two attacks have been released by the same criminals, but because there are significant differences in the way the scams work, that is not necessarily the case,” the vendor wrote.

“Malware-as-a-service (MaaS) is a fast-growing phenomenon in the cybercrime world so it’s quite likely that these two emails are actually the work of different scammers using the same off-the-shelf malware package, bought from an underground vendor and then adapted for their own specific purposes.”


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags malwarephishingmailguard

Show Comments