Jaclyn McRae 08 August 2017 10:34:24 AEST 3 MIN READ

Cybercriminals versus Australian brands: Who’s being impersonated?

In the past 12 months Australians have been targeted like never before with email-based scams.

The costs are quickly mounting

The world’s oldest insurance market, Lloyd’s of London, says a global cyber attack could cost as much as a natural disaster such as Hurricane Katrina.

Lloyd’s teamed up with a risk-modelling firm to assess the cost of a hypothetical hack of a cloud service provider to spread malware around the world.

They calculated damages (lost income and clean-up expenses) of a global cyber attack to hit $US121 billion. The official cost of Hurricane Katrina was $US108 billion.

Australia is a popular target

Every day, Australian businesses are impersonated in scams aimed at stealing money or private information.

The past few weeks have been no different – heralding two large-scale influxes of fraud emails landing in Australian inboxes. Both scams attempt to trick people into downloading malware disguised as a notice from ASIC.

One attempt was sent from a domain registered in China, while the other was distributed from a domain set up in Cyprus.

Which brands are hijacked most often?

Criminals go where the targets are. The bigger the customer base, the bigger the pool of victims. That’s why well-known brands with loyal customer bases are frequently in cybercriminals’ sights.

Here’s a list of the most common email-based scams intercepted by MailGuard in the past year.

Common seasonal scams targeting Australia

  • In the leadup to Christmas, Australia Post is a perfect target. Online delivery orders soar, and people are busy getting their shopping finished in time for the big day. The rush means people awaiting an online order are especially susceptible to an ‘Your parcel is due for delivery – click here to track it’ malicious email. FedEx and DHL are also regularly impersonated.
  • Around tax time, fraud ATO and ASIC emails ramp up. False Business Activity Statements, ‘Renew your business name’ attempts and fake tax return documents are prolific. All aim to trick people into click a link containing malware, or handing over sensitive personal information.
  • Winter sees a peak in fake energy invoices. AGL, Origin Energy, EnergyAustralia are impersonated regularly, and often on a huge scale.

Evergreen scams

  • Fake driving fines, inviting recipients to a (malicious) click a link to view the ‘evidence’ of their offence.
  • Sham invoices from telecommunications companies including Optus and Telstra.
  • Malware-carrying bills designed to look like they were sent by MYOB, Xero or Intuit QuickBooks.
  • Phishing attempts purporting to be from Australian banks. Westpac, ANZ, NAB, Commonwealth Bank and Macquarie Bank.
  • Attempts to hack myGov accounts, under the guise of a ‘Verify your identity’ phishing email. With more than 11 million Australian accounts reportedly registered with myGov, which holds sensitive information from agencies including the Australian Taxation Office, Medicare and Centrelink, this poses a huge potential breach risk.
  • PayPal, Dropbox, Google Drive, Apple and Office 365.

Anatomy of an attack

  • An up-and-coming cybercriminal can find everything they need to complete a large-scale email scam on the internet’s underground: the dark web.
  • Known as phishing kits, these can be purchased as a package, with the price dependant on the sophistication of the fraud attempt.
  • Once the kit has been purchased it can be deployed relatively easily. The first step is purchasing a domain to host the attempt – because these can be registered anywhere in the world it’s difficult to identify the real country of origin.
  • In the case of a mass phishing attempt, the kit usually comes in the form of a compressed archive file which contains all the elements necessary to configure the scam. Among this cache is a list of recipients, together with their contact details. Often this information has been stolen in a previous phishing attempt.
  • The attack is deployed, with the emails distributed to recipients in bulk. The aim is to steal information, which might be used to access bank accounts, or on-sold on the black market.
  • Brand-impersonation scams have a short shelf life – usually less than 24 – with companies quick to arrange the blacklisting of domains set up to defraud their customers.

Will an email bring your company unstuck? Talk to the MailGuard team today for a quote for enterprise-grade business security.

For a few dollars per staff member per month, add MailGuard's cloud-based email and web security to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network.

Keep Informed with Weekly Updates

 

^ Back to Top