Story image

'Dangerous' email scam targets Australians

18 Dec 15

A new email scam is targeting Australian individuals via the postal service.

Australia Post issued a warning on its website last week alerting the public of the scam, and says it is almost identical to others seen over the last twelve months.  

The email appears to come from Australia Post asking the individual to collect a parcel or pay for storage fees.

A link in the email leads to a fake Australia Post website to ‘download tracking information’, but is in fact the latest version of a type of ransomware: a virus that holds data to ransom unless a fee is paid.

The scam has increased in sophistication over time, using anti-virus defeating techniques and encryption, which makes it harder for internet security products to stop the threat, according to Australia Post.

The timing of this threat is now also coinciding with Christmas parcel deliveries making the scam more dangerous this time of the year, the organisation says.

Rob Collins, WatchGuard Technologies senior systems engineer - APAC, tested the latest sample against 55 anti-virus products, and only one detected the sample as a virus.

Further analysis of the behaviour of the sample revealed it to contain technology to defeat common anti-virus techniques.

The virus itself changes from one hour to the next to look like a new program, aware of the fact that most anti-virus products are updated hourly, he says.

The scam seems to originate in Russia, as all the fake Australia Post websites are actually compromised Russian sites, although the emails themselves are originating from poorly configured mail servers all over the world, according to Collins.

The virus itself is downloaded from Russian cloud service using encrypted HTTPS, so unless an individual uses this service it is safe to block it.

“Most companies issue the occasional warning emails about similar types of threats, but spend considerably less effort and time educating temporary and new staff.

“An internet security briefing as part of an onboarding and organisational education programmes is highly recommended with an emphasis on encouraging staff to question anything that looks suspicious,” says Collins.

WatchGuard Technologies advises that consumer-grade firewall or hardware more than three years old should be replaced with newer technology. 

In addition, effective backup capabilities are also essential should data be held to ransom and require recovery.

“This particular scam has resulted in more than  $300 million in earnings for cyber criminals and it’s going to continue to hit Australian businesses in 2016 ,” says Collins.

Dimension Data nabs three Cisco partner awards
Cisco announced the awards, including APJ Partner of the Year, at a global awards reception during its annual partner conference.
WatchGuard’s eight (terrifying) 2019 security predictions
The next evolution of ransomware, escalating nation-state attacks, biometric hacking, Wi-Fi protocol security, and Die Hard fiction becomes reality.
Why the adoption of SAP is growing among SMEs
Small and medium scale enterprises are emerging as lucrative end users for SAP.
Exclusive: How the separation of Amazon and AWS could affect the cloud market
"Amazon Web Services is one of the rare companies that can be a market leader but remain ruthlessly innovative and agile."
HPE extends cloud-based AI tool InfoSight to servers
HPE asserts it is a big deal as the system can drive down operating costs, plug disruptive performance gaps, and free up time to allow IT staff to innovate.
Digital Realty opens new AU data centre – and announces another one
On the day that Digital Realty cut the ribbon for its new Sydney data centre, it revealed that it will soon begin developing another one.
A roadmap to AI project success
Five keys preparation tasks, and eight implementation elements to keep in mind when developing and implementing an AI service.
The future of privacy: What comes after VPNs?
"75% of VPN users said they are seeking a better solution for cloud networks."