Yet another wave of scam emails have been hitting inboxes this week, fortunately it appears to be something that we’ve seen before. The scam carries the same ingredients as previous scams – fake email, fake link and malware.
The first reports of the scam were on Monday (29th May) with thousands of emails being distributed, containing a link with a malicious file which can compromise the computer/system. It seems the domain was only registered some days ago with the registrar being based in Hong Kong. The domain is australiangovernments.com. The email disguises itself and is said to be from ‘ASIC Messaging Service’ which then instructs recipients to click a link to see a ‘company renewal’ letter. Instead, the link triggers the download of a malicious file.
This isn’t the first time we’ve seen attackers attempt to mimick ASIC, this year alone they have been mimicked in January and March.
Fake Scam ASIC Email (Image Courtesy of Mailguard)
The email is said to have been sent by a ‘Ashley Hughes’, an apparent Senior ExecutiveLeader at ASIC however no member of staff at ASIC goes by that name. If the recipient does go onto clicking on the link, the computer/system will automatically download a link containing the malicious JavaScript (Malware) in form of a .zip file via a compromised (fake) SharePoint website.
Fake Scam ASIC Link Malware (Image Courtesy of Mailguard)
The scammers have taken steps to evade detection, setting up their domain with SPF, DKIM and reverse DNS to avoid common anti-spam checks.
ASIC themselves have released a statement saying:
“Scammers pretending to be from ASIC have been contacting Registry customers asking them to pay fees and give personal information to renew their business or company name,”
“These emails often have a link that provides an invoice with fake payment details or infects your computer with malware if you click the link.”
IntelliTeK are always up to date with the latest threats to emails and IT security which is why we only partner with the best in the industry. If your company isn’t fully equipped to fend off cyber criminals, then get in touch with us so we can discuss your options. Call us on 1300 768 779, email us at info@intellitek.com.au, fill out the web form, or have a Live Chat with us below.