Business IT

Multiple email scams hit Australian inboxes

By Staff Writers on Sep 27, 2017 2:25PM

The latest malicious emails exploit Telstra, Commonwealth Bank, Xero and other major brands.

It’s been a busy week for scammers, with local security company MailGuard detecting multiple malicious email campaigns posing as well-known brands.

First, on 25 September, came two “very large phishing campaigns” impersonating Telstra and Brisbane eToll operator Go Via. Then, on 26 September, came more rogue campaigns masquerading as Telstra, Xero and the Commonwealth Bank.

Earlier today (27 September) MailGuard detected two more campaigns posing as emails from UK telco Virgin Media and online fax service eFax.

A fake Telstra email. Image: MailGuard.

All worked in a similar way, as “well formatted”, authentic-looking emails, generally purporting to be invoice notifications, but containing a link to “a malicious Javascript payload”.

The campaigns included the “third Telstra-branded scam in as many weeks, and the second Xero-branded scam over the same period”, according to MailGuard.

That’s in addition to the email scams we have reported on previously, such as those purporting to be from Go Via, EnergyAustralia, Origin Energy, ASIC, ATO, MYOB and QuickBooks.

One of the fake CBA emails. Image: MailGuard.

The latest Virgin Media scam is unlikely to fool many Australian recipients, but curiosity sometimes gets the better of us.

The eFax emails purport to notify the arrival of a fax from an unknown sender. The subject line is ‘Corporate eFax message from “Unknown”’ followed by a variable page count and originating phone number. Those numbers all start with 44, the international dialling code for the UK.

This, along with the timing of the campaign (evening Australian time and morning UK time), suggests the Australian recipients may have been overspill from an attack aimed primarily at the UK.

The deluge of fake emails is yet another reminder to be on your guard.

As MailGuard says, “Remember, if the email is not customised with your name or account information, it most likely is not authentic. However, the heightened sophistication of phishing emails and landing pages, such as graphics, formatting and grammar, means that it is increasingly more difficult to distinguish between a real email from that of an imposter.”

Technological fixes such as MailGuard’s filtering service reduce the risk of such messages reaching your and your employees’ inboxes, and security software may detect the payloads. But we all need to be on our guard when opening emails from organisations we think we can trust – and be especially cautious before opening attachments or clicking on links. 

Copyright © BIT (Business IT). All rights reserved.