Beginning distribution at 9.43am today, it quickly escalated to become one of the largest-scale malware deliveries seen by MailGuard in the past 12 months.
The attack is delivered via email, apparently from the Australian Competition and Consumer Commission.
It tells recipients their business name is due for renewal, and directs them to click a link to download their renewal notice.
While the exact type of malware isn’t clear – it could be anything from a virus to ransomware – the point of it is to disrupt, damage or gain control of a computer system or data.
What to look for
- The email appears to be from ‘ASIC Messaging Service’, and is sent from the domain ASIC.Transaction.No-reply @ asicdesk.com
- The domain was registered yesterday in China
- The subject line is ‘Renewal’
- The well-formatted message contains ASIC branding and government coat of arms
- It lacks personalisation, and is simply addressed ‘Dear customer’ – something legitimate agencies don’t do
- The email provides details on how to renew a business name, and tells recipients they can pay for the fake renewal by credit card or by requesting an invoice. The payment tips are just part of the scam; the cybercriminals want victims to download the malicious attachment rather than to open their wallets.
- The email is signed off by ‘Myra Tango, Senior Executive Leader, Registry’. No employee by that name appears to exist at ASIC.
MailGuard urges Australians to hesitate before clicking any type of attachment or link in an email if they’re uncertain of its legitimacy.
For a few dollars per staff member per month, add MailGuard's cloud-based email and web security to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network.