New ATO phishing scam surfaces

By on
New ATO phishing scam surfaces

Phishing campaigns have surfaced that are targeting the Australian Tax Office, and customers of NAB and the Commonwealth bank with malware undetected by most anti-virus engines.

The ATO trojan delivered to users at at time many were receiving tax returns was detected by 14 of 47 anti-virus engines, according to a Virus Total analysis.

It contained a spoofed email address linked to payroll provider ADP and appeared to use body text not used in other phishing scams to con users into opening the malicious Microsoft Word attachment .

Only four of 47 anti-virus engines detected the malware.

It contained the subject "Australian Taxation Office - Refund Notification" with body text that read "after the last calculation of your fiscal activity we have determined that you are eligible to receive a refund of 6731.76 AUD."

The banking phishing attacks delivered a trojan packed into the attachment

The email text and attachment file name have been used in attacks against banks dating to at least December last year.

Hat tip to Telstra chief security specialist Scott Mcintyre who discovered and reported the malware.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia


Most Read Articles

Log In

  |  Forgot your password?