Another large scale run of fake ASIC emails was deployed yesterday. The first message was delivered at 08:46:21 AEST on the 23rd August, and purports to be an ABN registration renewal notification.
The email is seemingly legitimate, due to the professional formatting and grammatical accuracy.
The display and sending address are “ASIC Messaging Service” and firstname.lastname@example.org respectively. The servers used to send the emails are located in France, and the domain was registered just a day before the phishing run.
Giveaways that this is a fraudulent email:
- The domain name – there is a misspelling of “government.” Australian government websites have the domain suffix / top level domain “.gov” (ASIC’s official domain is asic.gov.au).
- It is not personalised with the recipient’s details (business name, ABN, account number).
- The signatory, Damien Bronstad (based on a web search), is not an actual employee at ASIC.
ASIC, and other government departments such as the ATO and ACCC, and companies with large customer bases, are regular victims of brand jacking. This is the fifth ASIC branded email phishing scam detected by MailGuard this calendar year, off the back of a scam last month of unprecedented scale.
ASIC does send out email notifications 30 days prior to the renewal due date, however, their recommended payment method is via their online portal.
Our Operations team have determined that 100% of MailGuard's customers have been protected and are monitoring for variants.
For a few dollars per staff member per month, add MailGuard's cloud-based email and web security to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network.