A malicious email impersonating the Australian Securities and Investments Commission and targeted at time-poor small business owners has been sent to tens of thousands of recipients, with experts warning these scams are likely to become more frequent as the end of financial year approaches.
The attack, uncovered by Mailguard, comes in the form of a fake company name renewal notice and appears to be sent by ASIC, with the email body including ASIC branding and the commission’s privacy policy.
When they click on the hyperlinked “Renewal letter”, users are directed to a website where a file containing malware is downloaded onto their computer. The type of malware is unknown, but it is likely to be either ransomware, a virus, or a keylogger designed to steal users’ login details.
A senior executive leader by the name of Ashley Hughes is listed as the sender of the email, but no staff member of that name exists at ASIC.
The attack actually originates from the domain “australiangovernments.com”, which was registered in Hong Kong the day before the attack went out. Cyber security expert at Sense of Security Michael McKinnon told SmartCompany these attacks are often successful because of how quickly the associated domain names can be registered.
“Hackers will set up the new domain and then the email infrastructure very quickly and then start spamming like crazy. Most email-blocking systems assess domains based on their reputation, so a brand new domain name with no reputation attached to it will often pass through,” he says.
This is why these attacks are also short-lived, says McKinnon, because once users start to report the email as spam, the associated domain name’s reputation “diminishes”.
The file downloaded via the email is a .zip, a common file type used to compress multiple files into one to make them smaller and easier to transfer. However, receiving a .zip file in an email should be a red flag for business owners, says McKinnon, and businesses should be deleting any such files if they have not been sent by trusted sources.
“If you’re being sent a zip file or a link to download a zip file, you should be extremely careful,” McKinnon says.
“Though unopened zip files are harmless, the contents of them can contain executables which can then install malicious software on your computer.”
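As an added illustration of the point about zip contents (not part of the original article), the Python example below reads only an archive's file listing, without extracting or opening anything, and flags members that would run code if double-clicked. The extension lists and the sample file names inside the archive are assumptions constructed for the example.

```python
import io
import zipfile
from pathlib import PurePosixPath

# Assumed, non-exhaustive lists of extensions chosen for this example.
RISKY = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".jse",
         ".vbs", ".wsf", ".hta", ".lnk", ".ps1", ".msi", ".jar"}
NESTED = {".zip", ".rar", ".7z", ".iso", ".img"}
DECOY = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt", ".jpg", ".png"}


def triage_zip(data: bytes) -> list[tuple[str, str]]:
    """Return (member, reason) findings using the archive listing only."""
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return [("<archive>", "not a valid zip")]
    findings = []
    with archive:
        for info in archive.infolist():
            if info.is_dir():
                continue
            suffixes = [s.lower() for s in PurePosixPath(info.filename).suffixes]
            if not suffixes:
                continue
            if suffixes[-1] in RISKY:
                # "letter.pdf.exe" shows as "letter.pdf" when Windows hides extensions.
                hidden = len(suffixes) > 1 and suffixes[-2] in DECOY
                reason = ("double extension hiding executable" if hidden
                          else "executable or script")
                findings.append((info.filename, reason))
            elif suffixes[-1] in NESTED:
                findings.append((info.filename, "nested archive"))
    return findings


def build_sample() -> bytes:
    """Build a harmless, constructed archive whose members hold placeholder text."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("Renewal letter.pdf.exe", b"constructed placeholder")
        z.writestr("readme.txt", b"constructed placeholder")
        z.writestr("docs/inner.zip", b"constructed placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    for member, reason in triage_zip(build_sample()):
        print(f"{member}: {reason}")
```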
With July 1 fast approaching, McKinnon warns there’s “no question” business owners will see an increase in these types of scams during the end of financial year rush.
There have been a number of recent scams impersonating organisations that SMEs deal with frequently, including Australia Post, ASIC and the Australian Taxation Office. These follow a similar pattern of a call to action, hoping to catch out time-poor business owners or employees with lots on their plate.
“It’s a busy time of year for Australian business owners, with many people trying to get bills paid and invoices sent before the end of financial year,” McKinnon says.
“All it takes is a busy finance team with one person who adds it to the piles of bills to be paid.”
“Business owners need to take a minute and think about what’s being sent, and see if there’s a way to verify what the email is requesting through ASIC’s website or a similar channel.”
ASIC provides guidelines for business owners targeted by scams on its website.