Scamwatch round-up – ANZ and Harvey Norman
- 20 April, 2018 10:24
ARN provides a weekly wrap of the phishing scams, malware attacks and security breaches impacting organisations across Australia.
This week, ANZ and Harvey Norman were among the companies whose brands were hijacked by digital scammers, as the Australian Government warns of an increase in malware-laden scam emails.
On 16 April, the Federal Government’s Stay Smart Online digital threat advisory website warned Australians of a recent increase in email scams containing malware.
“The emails contain a link which, if clicked on, downloads and installs a Remote Access Trojan (RAT) on your device,” Stay Smart Online said on its site. “Hackers use these RATs as an invisible backdoor to access the data on your computer.
“They can steal your confidential information, hold your computer to ransom or install other programs without your knowledge,” it said.
According to Stay Smart Online, thousands of these emails have been sent out to individuals and businesses across Australia.
“They are coming from a variety of sources, which means many are not being detected by internet service providers’ email filters or customer anti-malware programs,” it said.
Meanwhile, email filtering and security firm Mailguard said it picked up scam emails purporting to be from local banking group ANZ this week, with a wave of the emails hitting inboxes on 19 April.
According to Mailguard, the email phishing scam makes use of a fake ANZ Bank login page that actually has the potential to collect recipients’ information for identity theft purposes.
“The object of this scam is to harvest the login details and personal data of victims,” Mailguard said in a blog post. “The email sent by the scammers…asks them to follow a link and login to their ANZ account.
“If they click on the link in the email, the victim is sent to a phishing site that is designed to look like an ANZ banking login page,” Mailguard said.
According to the email filtering company, the sending email addresses and website URLs used in this particular attack appear to be existing URLs that have been hacked and compromised.
Another big name brand to be hijacked for scamming purposes this week was Harvey Norman, with the electronics and home goods retailer’s name being used in a scam text message campaign.
“This afternoon Queenslanders have received a scam text message claiming to be from the retailer, but as with all scams if it sounds too good to be true, it always is!” the Queensland Police said in a post published on 19 April. “The scam comes as a text message and asks to click attachment to pick up your package.
“Users who have then clicked on the link have been shown “special deal” offering Samsung TVs for $4.95
We shouldn’t have to tell you this is a scam. Don’t click the attachment and delete the text immediately,” the Queensland Police said.