A "huge run" of fake ATO emails is delivering malware, including ransomware and keyloggers, according to MailGuard.
Thousands of copies of bogus emails purporting to be from the Australian Taxation Office were distributed recently, according to email security vendor MailGuard.
Each of the emails contains a unique link, "making it hard for antivirus software to detect the bulk email as suspicious," said MailGuard CEO Craig McDonald.
So watch out for something similar appearing in your inbox, and always behave with a degree of scepticism and avoid clicking blindly on links.
In this case the sender address appears as "BASnotification@ato.gov.au" but the messages actually originated from a compromised account at the SendGrid bulk email delivery service. McDonald warned that SendGrid is an increasingly frequent vehicle for email attacks.