Beware of fake 'ASIC' email carrying ransomware

Beware of fake 'ASIC' email carrying ransomware

Security provider MailGuard says it has detected "one of the largest-scale fraud inundations" in recent times.

The spam emails sent this morning to "tens of thousands of addresses" purport to be company name renewal reminders from the Australian Securities and Investments Commission (ASIC), according to MailGuard.

If recipients click the 'renewal' link, what they're actually doing is opening "a malware downloader stored within a JavaScript file, which paves the way for ransomware to be executed remotely," said MailGuard CEO Craig McDonald.

"The link was not being detected as suspicious by any of 64 well-known antivirus engines on Google-owned aggregator VirusTotal when MailGuard intercepted the email this morning."

Two characteristics of the email provided strong clues that it was fake: the text was generic rather than addressing recipients by name, and it was sent from the asic-gov-au.co domain rather than asic.gov.au.

In addition, it was supposedly sent by "Max Morgan, Senior Executive Leader" at ASIC. "No such employee appears to exist at the commission," observed McDonald.

ASIC and other well-known organisations are often used as cover for fraudulent emails. Others include the ATO, Australia Post, the major banks, and courier companies.

An example of one of the fake emails, courtesy of MailGuard.

So be especially wary of emails apparently from such sources. Would you expect to receive an email from that organisation? Does it address you by name?

If you have the slightest suspicion that an email is not what it seems, avoid clicking any links or opening attachments - instead go directly to what you know to be the genuine organisation's web site, ignoring any domain names shown in the email.

Keeping your anti-virus software up to date is also a good idea, but as this example shows that does not provide foolproof protection. Mail filtering services such as that offered by MailGuard may provide an additional and sometimes more timely line of defence.

Source: Copyright © BIT (Business IT). All rights reserved.

See more about:  mailguard  |  malware  |  ransomware  |  security
 
 

Readers of this article also read...

Australia is a leader in flexible work practices: study 

Australia is a leader in flexible work practices: study

 
Facebook bans firms from spying on users' data 

Facebook bans firms from spying on users' data

 
The end is finally here for Windows Vista 

The end is finally here for Windows Vista

 
Best Linux distros 

Best Linux distros

 
NBN FTTC coming to 700,000 premises 

NBN FTTC coming to 700,000 premises

 
Sign up for our free newsletter
Get the latest business tech news, reviews and guides delivered to your inbox.

Latest Comments

Latest articles on iTnewsLatest iTnews Articles
GE fixing bug that could let hackers shut down power grid
27 Apr 2017
Hole allowed remote control.
British man gets two years in prison for DDoS tool sales
27 Apr 2017
Inspired Lizard Squad's LOIC.
Microsoft splits Win10 security, software updates
26 Apr 2017
Greater flexibility for when to install fixes.
Former Expedia IT worker gets 15 months jail for insider trading
26 Apr 2017
Sentenced in US for stealing confidential data.
Hyundai patches vulnerability in remote ignition app
26 Apr 2017
Determined thieves could have made off with cars.