A new email scam has hit inboxes across Sydney and all over Australia and are bringing IT services experts scrambling. The scam harnesses the urgency of a legitimate issue; in particular, e-ticket infringement notices.
An e-ticket is defined by the Queensland Police Service as “an electronic infringement notice auto-delivered to the person via email, MMS or Australian Post at the time of the incident.” Citizens have the choice of receiving the e-ticket through email or MMS if they have been stopped by a police officer and they have opted for the aforementioned methods of receiving their ticket.
Given that the e-ticket stands for an actual ticket from the police, those who are receiving the scam are understandably concerned. The fraudulent e-ticket came from the display name of Anna POL #6635 and uses the address of firstname.lastname@example.org.
The e-ticket looks eerily similar to the real thing. It uses compromised MailChimp accounts to distribute the fraudulent email that downloads a malicious ZIP file. Since the accounts are legitimate, email scanners and anti-virus programs failed to identify and block the initial attacks.
While the attacks were rampant, here are a few ways to identify them to avoid being victimized:
- Scam emails usually utilize generic greetings, such as “Dear customer.” Legitimate accounts would use customized greetings, with the subscriber’s name.
- Scam emails usually have a sense of urgency, triggering prompt action on the subscriber’s part. Examples of these are “Ensure your invoice is paid immediately to avoid unnecessary fees.”
- Scam emails usually have bad grammar, excessive or few punctuation marks, and have poor quality or distorted graphics. The graphics can just be copied from a legitimate email, which may explain the poor quality. So an email that has a sense of urgency and poor grammar are your usual telltale signs of a scam, so be careful in clicking the link.
- Scam emails tend to use obscure sending addresses, such as the one mentioned above.
- Scam emails usually ask subscribers to click a link. Once they do, it automatically triggers a download of the malicious file. To avoid this, hover over the link to ensure that you are being redirected to a legitimate website.
Despite every IT professionals’ best intentions, scammers are all over the world and would snap at the opportunity to make a quick buck. Therefore, it pays to be vigilant and to enlist the services of a certified firm that offers comprehensive IT security packages.
About IntelliTeK Pty Ltd
IntelliTeK is a managed IT services company in Sydney, Australia. With major vendor relationships and accreditation’s from the worlds leading IT companies including WatchGuard, Microsoft, Trend Micro and Amazon Web Services, IntelliTeK have kept clients happy since 2007.
IntelliTeK are always up to date with the latest cloud backup solutions which is why we only partner with the best in the industry. If your company isn’t fully equipped to fend off cyber criminals, then get in touch with us so we can discuss your options. Call us on 1300 768 779, email us at email@example.com, fill out the web form, or have a Live Chat with us below.