Be careful what you click!


Watch out for the Most Recent Phishing Emails

Phishing and scam artists are becoming increasingly sophisticated with their impersonations of major Australian brands such as Telstra, the Australian Taxation Office (ATO) and Queensland toll payment providers such as GoVia.

Cybercriminals target the brands we know and trust, hoping for click-through to harmful links that will put your network and data at risk.

Below are screenshots of the harmful phishing emails.

1. Telstra Bill Scam

Last week the Telstra Bill scam below was blocked by MailGuard. The scam links to a compromised SharePoint site hosting a .ZIP file that contains a malicious JS file. If someone were to click the malicious link, it is possible for credentials to be stolen.

Source: MailGuard, 2017

2. ATO Penalty Notice

This scam is noticeably similar to emails commonly sent by the ATO. It uses the display name "Australian Taxation Office" and links to a .ZIP containing a .jar file. It is well formatted to send receivers into a panic, thinking they have received a Penalty Notice. Receivers may panic and not properly check the email for common tip-offs that an email is a scam, such as poor English, malicious or false links, and wrong, out-of-place or out-of-date logos.

Source: MailGuard, 2017

3. GoVia eToll

A GoVia eToll scam is reaching users' accounts with a malicious link. If the receiver clicks the link, it takes them to a compromised SharePoint site hosting a malicious JS file.

Source: MailGuard, 2017

For more information on itro Mail Scan, powered by MailGuard, click here.

Are malicious emails reaching your inboxes? Call itro on 1300 10 3000 to upgrade to our premium email filtering solution.

Where to Next?

Tips on how to spot an email as illegitimate:

  • Non-personalisation or incorrect personal details
  • Suspicious or hidden email address. Always check the sender's domain: Netflix, for example, will only ever send an email from a domain of @Netflix.com
  • Misleading hyperlinks. Before clicking any link, hover over it and check the domain it is linking you to. If it looks suspicious, do not click it and instead refer to the company's website
  • Incorrect domain name. Legitimate emails from Bingle have the domain @bingle.com.au
  • Outdated logos and incorrect brand imaging
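
The sender-domain and hyperlink tips above can also be checked automatically by a mail administrator. The following Python is an added example, not code from itro or MailGuard: it flags a brand display name sent from the wrong domain, link text that shows one domain while the link goes to another, and links to .zip, .js or .jar files. The function names, the sample message and its hosts are constructed for illustration, and the brand table holds only the two domains named in the tips.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlparse

BRAND_DOMAINS = {"netflix": "netflix.com", "bingle": "bingle.com.au"}  # from the tips
# Constructed sample message; every address and host in it is made up.
SAMPLE = (
    'From: "Netflix Billing" <billing@netflix-accounts.example>\n'
    'Content-Type: text/html; charset="utf-8"\n\n'
    '<p>Update your details at <a href="https://files.host.example/docs/'
    'invoice.zip">www.netflix.com/account</a></p>\n')

def in_domain(host, domain):
    return host == domain or host.endswith("." + domain)  # rejects look-alikes

class LinkCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.links, self._href = [], None
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", ""
    def handle_data(self, data):
        if self._href is not None:
            self._text += data
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, self._text.strip()))
            self._href = None

def check_email(raw):
    msg, findings = message_from_string(raw), []
    name, addr = parseaddr(msg.get("From", ""))
    sender = addr.rpartition("@")[2].lower()
    for brand, domain in BRAND_DOMAINS.items():
        if brand in name.lower() and not in_domain(sender, domain):
            findings.append(f"display name says {brand}, sender is @{sender}")
    parser = LinkCollector()
    parser.feed("".join(p.get_payload(decode=True).decode("utf-8", "replace")
                for p in msg.walk() if p.get_content_type() == "text/html"))
    for href, text in parser.links:
        target = urlparse(href).hostname or ""
        shown = re.search(r"(?:https?://)?(?:www\.)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)", text.lower())
        if shown and not in_domain(target, shown.group(1)):  # the "hover" check
            findings.append(f"text shows {shown.group(1)}, link goes to {target}")
        if urlparse(href).path.lower().endswith((".zip", ".js", ".jar")):
            findings.append(f"link fetches an archive or script: {href}")
    return findings
```

Calling `check_email(SAMPLE)` returns three findings for the constructed message; the link-text check is a heuristic and can also fire on visible text that merely looks like a domain, such as a file name.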