Scamwatch round-up: Office 365, NAB and SA Health
- 10 August, 2018 06:15
ARN provides a weekly wrap of the phishing scams, malware attacks and security breaches impacting organisations across Australia.
This week, emails using Microsoft Office 365 and National Australia Bank (NAB) logos were detected, while SA Health revealed details of the data of thousands of patients which was inadvertently available online for 13 years.
On 6 August, email filtering company Mailguard picked up a phishing scam purporting to be from Microsoft Office 365.
The message claimed that the mailbox of the recipient failed to sync resulting in a number of returned "incoming mails" - a link to "recover messages" within the email directed recipients to a phishing page that looked like an Office 365 login page.
After the credentials were entered, the phishing site redirected recipients to a genuine Microsoft website.
On the same day, Mailguard identified another scam, this time purporting to be sent from NAB - the message contained a supposed confirmation of payment as an attachment.
The .pdf file linked to a file hosted on Dropbox and when accessed automatically downloaded malware on the recipient's computer.
"Email-borne malware can have many destructive effects on computer systems, including installing viruses like spyware and enabling remote control by hackers," Mailguard wrote in a blog post.
Earlier in the week, SA Health informed it was taking action to have historic confidential test result details - which had been published in error - removed from two document-sharing websites.
The information of 7,200 pathology tests taken between 1996 and 2005 with names and date of birth of the children tested was included in an academic presentation on childhood infections that was posted to the Women's and Children's Hospital (WCH) Adelaide website in 2005.
The presentation was removed from the WCH website in 2016, but had been uploaded with the embedded information to the external document sharing website dokumen.tips and its affiliate site docslide.com.br, without authorisation.
"The presentation has now been removed. A subsequent search revealed the presentation was also uploaded to four other filesharing sites, but none of these contained the embedded data," SA Health informed.
“Our IT security team advise that the risk of anyone discovering the embedded information within the presentation is extremely low,” WCH executive director of corporate services Phil Robinson said.