Scamwatch round-up – ATO, Microsoft OneDrive and St George
- 01 June, 2018 09:00
ARN provides a weekly wrap of the phishing scams, malware attacks and security breaches impacting organisations across Australia.
This week, the Australian Taxation Office (ATO), Microsoft OneDrive and St George were among the brands used by digital scammers.
Email filtering company Mailguard picked up a fake email purporting to be from the Australian Taxation Office (ATO) on 28 May.
The "warning document" was a phishing scam. The message contained a link which led recipients to a page designed to look like a real ATO page.
The online scammers were using the page to gain recipients login details.
On the same day, Mailguard also identified a fake OneDrive email in another phishing scam. This scam was also designed to collect recipients' login details.
A fake MYOB notification email with the intent to collect Microsoft users' account details was also picked up.
A link within the message would take recipients to a fake login page in an attempt to harvest recipients' details.
On 29 May, Mailguard identified a fake invoice email being sent from different senders. The simply designed message had a link to what is supposed to be either an invoice or a receipt but Mailguard believes the messages were infected with malware.
The latest scam identified was a fake infringement notice being sent from several different email accounts.
The vendor also noticed that there were variations on the basic email format with different fine amounts and “officer names".
On 31 May, Mailguard spotted an email using St George bank's name and branding in what seemed to be a scam to acquire recipients' bank login details.
The message said that irregular activities had been detected on the recipients' credit card and the account was being temporarily suspended.
After recipients were taken to a fake webpage and entered their login details further phishing pages were presented to the recipient in an attempt to harvest email address and phone number.
"The extensive data demanded by these phishing pages would enable the scammers behind this attack to execute sophisticated identity theft fraud," Mailguard wrote in a blog post.