Scamwatch round-up: Netflix, FedEx TNT, ASIC and fake ANZ and CBA apps
- 21 September, 2018 08:30
ARN provides a weekly wrap of the phishing scams, malware attacks and security breaches impacting organisations across Australia.
This week, Netflix, FedEx TNT and ASIC were among the companies whose brands were hijacked by scammers with phishing email campaigns.
Netflix sent out an alert over the weekend after it learned that a fake email purporting to be from the streaming giant was being send around.
The emails asked recipients to follow a link to update bank details, giving cyber criminals access to recipients accounts.
The online streaming giant is no stranger to its brand being used for online phishing scams. Between November last year and March, the company was targeted no less than three times. In the most recent incident, subscribers received a fake email claiming their membership was being cancelled.
Meanwhile, this week also saw courier service FedEx TNT hit by a phishing scam, as scammers used its branding to capture personal email details of recipients.
Caught by email filtering company Mailguard, users received a HTML email bearing the subject line "Unable to locate you". The email then claims that the address "Delivery Group TNT" has "on record is incorrect and this has hindered delivery of your pack with label #".
According to Mailguard, unsuspecting users who click on the email to view the document are directed to a poorly-designed FedEx TNT page. The page then asks users to log in regardless of whether or not they have a FedEx account.
When users are unable to login, they are once again redirected to a fake Office 365 login page, where cyber criminals attempt to harvest email account credentials.
This week also saw the Australian Securities and Investments Commission (ASIC) hit by another phishing incident -- the fifth this year.
This time, scammers pretending to be from ASIC asked Registry customers to pay fees and give personal information to renew their business or company name.
According to ASIC, the emails usually contain a link that provides an invoice with fake payment details or infects the computer with malware once clicked.
Researchers from security software vendor ESET discovered fake ANZ and CBA apps on the Google Play store this week.
The apps were an attempt to get access to customers' credit card details and login credentials.
According to ESET, the apps were uploaded to Google Play in June 2018 and were installed more than a thousand times before being taken down by Google.
"The apps were uploaded under different developer names, each using a different guise; code similarities, however, suggest the apps are the work of a single attacker," ESET malware researcher Lukas Stefanko wrote in the company's blog. "The apps use obfuscation, which might have contributed to their slipping into the Store undetected."
In May, ANZ issued an alert to customers of a fake app found in the Google Play store - the app had as its developer ANGroup.
ANZ told customers at the time to not install and if they had already to contact ANZ Bank in order to get assistance on how to proceed.