A stolen ID may have been used to set up an elaborate ASIC email scam designed to infect victims’ systems with malware.
MailGuard CEO, Craig McDonald said the email had been sent out to Australian businesses this morning, containing a type of malicious software designed to install malware on victims’ computer systems.
Experts from the MailGuard cybersecurity team said the mail was most likely to download a trojan or ransomware.
“The zero-day email appears to come from Australian Securities and Investment Commission (ASIC) and claims to contain a company name renewal letter,” Mr McDonald said.
“But instead of coming from the legitimate ASIC site, asic.gov.au, it is sent from a newly-created austgov.com domain, which was registered in China.”
Mr McDonald said Chinese authorities are strict about domain registration requirements, so anyone who wants to register a new domain requires an ID scan.
“This creates a high likelihood that a stolen ID was used by cybercriminals to set up the scam.”
The domain is backed by a legitimate email infrastructure in order to trick email servers into accepting the fraudulent emails.
But those who follow the instructions and click the ‘Renewal letter’ link – likely persuaded by the government branding and professional-looking formatting – and are instantly at risk of malware.
The email contains the signature of Alexander Ward, a Senior Executive Leader at ASIC, but nobody matching that description appears to work at ASIC.
Fraud emails targeting Australians have been circulating in high volume over the past week, with separate well-designed scams impersonating MYOB and myGov recently.
MailGuard’s cybersecurity experts have also seen a proliferation of malware hosted on unsuspecting corporate entities’ SharePoint accounts recently.
ASIC’s website says recently scammers have been contacting registry customers asking them to pay fees and give personal information to renew their business or company name.
“These emails often have a link that provides an invoice with fake payment details or infects your computer with malware if you click the link,” the ASIC website says.
She became a member of Starts at 60 and got access to amazing travel deals, free masterclasses, exclusive news and features and hot member discounts!
And she entered to win a $10K trip for four people to Norfolk Island in 2021. Join now, it’s free to become a member. Members get more.