Cybercriminals are targeting Australian business inboxes with a very large run of scam emails today, purporting to be from ‘ASIC Messaging Service.’
MailGuard began blocking the very large run of emails at 08:16AM AEST today.
The well-crafted emails could easily catch-out businesses who don’t think twice before clicking. The display name ‘ASIC Messaging Service’ and sending email ‘asic.transaction.no-reply @ ato.gov.autsl.com’ may resemble legitimate credentials, however the ‘autsl.com’ domain was only registered yesterday with a registrar in China.
Unlike other email scams, this email is also well authored with very few spelling or grammatical errors, which are the typical tell-tale signs of a scam.
The attack tells recipients their business name is due for renewal, and directs them to click a link to download their renewal notice.
But the attachment links to a .zip archive file, which contains a malicious JavaScript file.
The link in the email prompts users to download a .ZIP file which contains a malicious JavaScript file. The downloaded file seeks to steal the users private credentials from local internet browsers, and installs itself for autorun at Windows startup.
What to look for
ASIC is regularly mimicked by cybercriminals. Similar scams targeted Australian inboxes in January, March, May, and July.
MailGuard urges Australians to hesitate before clicking any type of attachment or link in an email if they’re uncertain of its legitimacy.
For a few dollars per staff member per month, add MailGuard's cloud-based email and web security to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network.