Scamwatch round-up – ASIC and MYOB
- 15 June, 2018 06:00
ARN provides a weekly wrap of the phishing scams, malware attacks and security breaches impacting organisations across Australia.
This week the Australian Securities and Investments Commission (ASIC) and MYOB had their brands used by cyber criminals in order to deliver malware to Australians' computers.
ASIC warned customers on 13 June of an email scam purporting to be from ASIC. According to the announcement on the Australian corporate regulator's website, scammers were contacting Registry customers asking them to pay fees and give personal information to renew their business or company name.
The email advised recipients their registration was due to a renewal and they had a month.
These messages can contain links to invoices that contain fake payment details or that could install malicious software in the recipient's computer.
On 12 June, email filtering company Mailguard identified a scam email purporting to be a quote request but containing an attachment with malware.
The message tried to create a sense of urgency so recipients open the attached file which would install malware on their computer.
Late last week, Mailguard also picked up a fake email purporting to be from accounting software provider MYOB (ASX:MYO).
Also a malware scam, where cyber criminals tried to get recipients to open an attachment that would install the malicious software on to their computers, this fake invoice used MYOB's brand and logo to convince recipients of its legitimacy.
According to Mailguard, the email originated from a wide variety of sending addresses.
"This kind of brandjacking email scam can install viruses, ransomware, and a host of other damaging malware types," the company said in a blog post.