A number of zero day scams are currently circulating, purporting to be from a variety of well-known brands.
MailGuard have identified and successfully blocked these zero day email threats and are protecting all our corporate clients from falling victim.
Here are screenshots of the types of emails to watch out for along with the associated fake landing pages:
1. This zero-day phishing scam purporting to be from NAB is a sophisticated attempt. The sample email below is relatively well written - despite a grammatical mistake, and the impersonal greeting - it appears legitimate at first glance. However, informed recipients understand that banks are aware of phishing scam attempts made by cyber criminals and will not ask you to verify details via a link in an email.
As you can see below, recipients that click the link to review their account are directed to a phishing landing page which is an exact rip off of the official NAB login page; it even includes a fraud protection notice in the footer.
This is identifiable by the URL in the website address field, in which the ‘in.nab.com.au’ addon is a sub domain of a compromised domain ‘pallotti.edu.bz’.
2. Phishing email scam purporting to be from Apple. This particular scam is poorly written, and despite appearing to originate from the Apple Support team should be easily identifiable as an unofficial email.
Similar to the NAB example above, the cybercriminals have also created a subdomain containing ‘Apple Support’ for the root domain ‘exclusivemotorworks.com’, to give the appearance that the website address is legitimate.
3. Whilst this Aldi marketing scam isn’t as malicious as the identity theft/phishing scam zero day email scams above, it will result in having your details sold on to interested parties for a multitude of reasons. This can result in personalised identity theft phone scams and mass marketing.
This email scam offers the recipient an opportunity to win a $1000 Aldi voucher in exchange for entering personal details.
As a precaution, we urge you to delete emails that:
- Appear to be from a legitimate company and are not addressed to you by name or are written in poor English.
- Require you to click a link in the email body to verify your identity. Banks are aware that cyber criminals send phishing scam emails including links to compromised websites. Your bank will always instruct you to go to their website directly, and not to log into your account via a link through an email.
- Request personal information that the purported sender should already have access to or not require for the stated purpose of the email.
Educating staff and employing cloud-based email filtering and web filtering, complimented by multilayered defences including desktop antivirus, anti-malware and anti-spyware will go a long way to mitigating the risk from a wide range of email scams.
Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update or follow us on social media.