Story image

New year rings in scams in the guise of Suncorp, MYOB, and ASIC emails

08 Jan 18

MailGuard detected an email scam today using fake ‘Suncorp’ branding.

Suncorp is an Australian finance, insurance, and banking corporation based in Queensland.

The email was detected by MailGuard this morning and is currently being sent out in large numbers.

The message shows the sender addresses ‘SunCorp Insurance’ or ‘Health Insurance’, but the emails actually originate from a compromised MailChimp account.

The email asks the recipient to download ‘insurance documents’ and has a link pointing to an archived JavaScript file.

MailGuard reports that JavaScript files used in scams of this sort can contain malware such as Trojans, keystroke loggers and ransomware.

MailGuard advises users to be cautious and check your inbox to make sure you are not targeted by this scam.

Email scammers have already been actively targeting Australian email users, with MailGuard detecting one scam using MYOB branding and one using the Australian Securities and Investments Commission (ASIC) branding four days ago.

The MYOB message urges the recipient to click on a ‘view invoice’ link, which points to a file archive on a compromised SharePoint account.

The archive file contains malicious javascript malware.

Meanwhile, the ASIC email scam has a .doc attachment which contains malicious macro code.

Although the message purports to be from ASIC, the sender URL is actually ‘asicsau[dot]com’, a new URL registered on January 3 in China.

Cybercriminals use .doc macros in attachments like the one on this email to install malware on victim’s computers.

Macros run in the background when .doc files are opened and can be used to download trojans, spyware and viruses. 

Businesses focusing on threats from within - survey
Over 50% of respondents reported that 100 days of dwell time or more was representative of their organisation.
Corelight and Exabeam partner to improve network monitoring
The combination of lateral movement and siloed usage of point security products leaves many security teams vulnerable to compromise.
SailPoint releases first identity annual report
SailPoint’s research found that many organisations are lacking maturity in their governance processes over identities.
Disruption in the supply chain: Why IT resilience is a collective responsibility
"A truly resilient organisation will invest in building strong relationships while the sun shines so they can draw on goodwill when it rains."
The disaster recovery-as-a-service market is on the rise
As time progresses and advanced technologies are implemented, the demand for disaster recovery-as-a-service is also expected to increase.
Cohesity signs new reseller and cloud service provider in Australia
NEXION Networks has been appointed as an authorised reseller of Cohesity’s range of solutions for secondary data.
Avnet to boost AI/IoT solutions with acquisition
The acquisition of Softweb Solutions adds software and artificial intelligence to Avnet’s ecosystem and bolsters its IoT capabilities.
The key to financial institutions’ path to digital dominance
By 2020, about 1.7 megabytes a second of new information will be created for every human being on the planet.