sb-au logo
Story image

Large-scale ASIC scammer targets Australian businesses

26 Apr 2017

Scammers are posing as the Australian Securities and Investments Commission (ASIC) Registry to get money and personal information out of unsuspecting customers.

Stay Smart Online released a high priority alert this week, which details how the email scam uses phishing tactics to get information.

The scam email, titled ‘Renewal’, claims to be from ‘ASIC Messaging Service’. While the email address looks legitimate, it is anything but.

According to email security provider MailGuard, the email looks to be from Alexander Ward, senior executive leader at ASIC, but there is nobody by that name who works at the company.

The email contains a link which encourages users to provide information about renewing their business or company name. 

But those who click on the link are infecting their computers with a JavaScript dropper that can extract money, sensitive data or directs the recipients to a fake invoice for payment, Stay Safe Online says.

MailGuard suspects a stolen ID may have been used to set up the attack. It says that the domain name austgov.com, from which the emails are being sent, is a newly registered domain in China.

"Chinese authorities are strict about domain registration requirements, and anyone who wants to register a new domain requires an ID scan. This creates a high likelihood that a stolen ID was used by cybercriminals to set up the scam,” explains MailGuard CEO Craig McDonald.

ASIC states that customers should be wary of emails that do not address them by name, misspell details and include unknown attachments. It also warns that customers do not click links in suspicious emails. 

ASIC customers can check their renewal date through the business names register on the official ASIC website. ASIC will only issue renewal notices 30 days before they are due to expire.

Customers contact ASIC to check if an email is legitimate. They can also forward suspicious emails that claim to be from ASIC to ReportASICEmailFraud@asic.gov.au.

Those who do click links should immediately tell the relevant business and government organisations. Security teams should monitor accounts for unusual activity. 

If you do click on any suspicious links, immediately advise the relevant business and government organisations and monitor your accounts for unusual activity. If you believe your computer may be infected, you may choose to seek assistance from an independent technical expert.

MailGuard also suggests that users hover mouse over link destinations. If they look suspicious, do not click.

Story image
Why DX is not complete without a transformed security architecture
Secure Access Services Edge (SASE) is the process by which core WAN edge capabilities like SD-WAN, routing, and WAN optimisation at branch locations are integrated with cloud-based security services like secure web gateways, firewall-as-a-service, cloud access security brokers, and more.More
Story image
CIOs put too much trust in TLS certificates - survey
Despite the prolific usage of TLS certificates within organisations, many CIOs aren't concerned about security risks associated with TLS machine identities.More
Story image
Report: Brute-force attacks feed on remote working vulnerabilities
A new report from ESET has detailed the extent to which attackers employ brute-force tactics to infiltrate remote desktop protocols.More
Story image
Former Salesforce, Microsoft security exec to lead Zoom security team
Zoom has announced the appointment of former Microsoft and Salesforce executive Jason Lee as its new chief information security officer. More
Story image
Bitglass deepens integration with MFA vendor Duo Security
Bitglass has announced a deepened integration with Duo Security, now part of Cisco, as it looks to strengthen security for the modern workforce.More
Story image
Okta, CrowdStrike, Netskope and Proofpoint create shared zero trust security strategy
Okta, CrowdStrike, Netskope and Proofpoint have joined forces to develop and launch an integrated, zero trust security strategy, stating that this is crucial for today’s digital and remote working environments.More