Beware of fake 'ASIC' email carrying ransomware

By on
Beware of fake 'ASIC' email carrying ransomware

Security provider MailGuard says it has detected "one of the largest-scale fraud inundations" in recent times.

The spam emails sent this morning to "tens of thousands of addresses" purport to be company name renewal reminders from the Australian Securities and Investments Commission (ASIC), according to MailGuard.

If recipients click the 'renewal' link, what they're actually doing is opening "a malware downloader stored within a JavaScript file, which paves the way for ransomware to be executed remotely," said MailGuard CEO Craig McDonald.

"The link was not being detected as suspicious by any of 64 well-known antivirus engines on Google-owned aggregator VirusTotal when MailGuard intercepted the email this morning."

Two characteristics of the email provided strong clues that it was fake: the text was generic rather than addressing recipients by name, and it was sent from the domain rather than

In addition, it was supposedly sent by "Max Morgan, Senior Executive Leader" at ASIC. "No such employee appears to exist at the commission," observed McDonald.

ASIC and other well-known organisations are often used as cover for fraudulent emails. Others include the ATO, Australia Post, the major banks, and courier companies.

An example of one of the fake emails, courtesy of MailGuard.

So be especially wary of emails apparently from such sources. Would you expect to receive an email from that organisation? Does it address you by name?

If you have the slightest suspicion that an email is not what it seems, avoid clicking any links or opening attachments - instead go directly to what you know to be the genuine organisation's web site, ignoring any domain names shown in the email.

Keeping your anti-virus software up to date is also a good idea, but as this example shows that does not provide foolproof protection. Mail filtering services such as that offered by MailGuard may provide an additional and sometimes more timely line of defence.

Copyright © BIT (Business IT). All rights reserved.

Most Read Articles


What would you like to see more of on BiT?
How To's
Photo Galleries
View poll archive

Log In

  |  Forgot your password?