Fake Australian Securities and Investments Commission emails target business owners with malware

By on
Fake Australian Securities and Investments Commission emails target business owners with malware

The Australian Securities and Investments Commission has issued a warning after scammers posing as the regulator emailed Australian businesses on Wednesday morning with malware-laden notices.

The emails reportedly asked customers to renew their business details via provided links, which, when clicked, would activate a Javascript dropper and infect computers with malware.

Email security vendor MailGuard issued an alert suggesting a stolen ID may have been used to help set up the scam. The originating domain, austgov.com, was registered in China, where strict regulations around domain registration require an authentic ID to be scanned.

MailGuard also said the domain was backed by a legitimate email infrastructure, which helped the emails bypass email server spam detection.

The emails come with ASIC and Australian Government branding and puts anyone who follows their instructions at risk.

ASIC recommends users keep antivirus software up to date, be wary of emails that do not address recipients by name or that spell recipients’ names incorrectly and be suspicious of emails with unknown attachments.

Copyright © CRN Australia. All rights reserved.
Tags:

Most Read Articles

You must be a registered member of CRN to post a comment.
| Register

Poll

Will the removal of 457 visas hurt the IT industry?
Yes
No
View poll archive

Log In

Username / Email:
Password:
  |  Forgot your password?