Scamwatch round-up – NSW Gov, DHL and E-Toll

Scamwatch round-up – NSW Gov, DHL and E-Toll

The phishing and malware scams targeting Australians this week

ARN provides a weekly wrap of the phishing scams, malware attacks and security breaches impacting organisations across Australia.

This week the Australian Competition and Consumer Commission (ACCC) published its latest Targeting Scams report revealing Australians have lost $340 million to different types of scams during 2017.

The report, which combined information from reports received by ACCC's Scamwatch, Australian Cybercrime Online Reporting Network (ACORN) and other federal and state-based government agencies, revealed that Australian businesses lost $22.1 million last year.

Of the more than 160,000 scams reported to the ACCC alone in 2017, phishing was the scam category with the largest number of reports received with a total of 26,386, which caused $800,000 in losses and had a 5.6 per cent increase in the number of reports compared to 2016.

Hacking was number 12 on the scams categories list with 5,757 reports and losses of $1.7 million, with malware and ransomware following closely on number 13 with 4,412 reports and total losses of $239,000.

Email filtering company Mailguard detected more email scams targeting Australians this week including from the NSW Government, DHL and E-Toll.

On 21 May, according to Mailguard, a scam email purporting to be from the NSW Government was attempting to install malware in recipients' computers. Scammers used a link contained within the message so recipients would inadvertently open a .doc file infected with malware.

The fake "penalty notice" originated from at least six different addresses, which were registered in the US on 5 May.

Once again, scammers have hidden behind the brand name of logistics company DHL. The phishing scam tried to lure recipients into clicking on a "track parcel" link which directed them to a fake Microsoft mail login page with the intention to still recipients' details.

Mailguard also detected a fake invoice scam with the objective of getting recipients to click on the "view invoice" button linked to a malware infected file.

Mailguard detected at least 18 sending addresses which it believed may have been real email addresses that were hijacked for the purpose of the scam.

Another E-Toll scam was doing the rounds this week. The fake message was intended to make recipients believe they were receiving an E-Toll receipt. However, Mailguard found that the Google Doc being downloaded was installing malware into recipients' computers.

In this instance, the email filtering company detected at least 13 different email addresses from where the fake messages were being sent.

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags mailguardscam

Show Comments
View all events