Thousands targeted in NSW Roads & Maritime Services email scam

Posted by Daniel McShanag on 06 June 2017 10:07:01 AEST

Cybercriminals launched a large-scale email attack yesterday impersonating NSW Roads and Maritime Services. The attack follows last week’s ASIC scam, impersonating yet another government agency.

The email, which is well formatted and not easy to spot as a fake, mimics an ‘E-Toll account statement’ and carries the branding of Roads & Maritime, the logo for NSW Transport, Roads & Maritime Services, and a realistic privacy statement, recycling message and other appropriate language.

Your E-Toll account statement - Mozilla Thunderbird_003.png

The first emails were intercepted around midday AEST, with thousands being intercepted by cybersecurity firm MailGuard. 

The emails are designed so that the sender display name changes in each email, followed by the word E-Toll, for example ‘From: Rosalee E-Toll.’

While this scam is well executed with accurate branding and language, it doesn’t address recipients by name - rather it is simply addressed to ‘Dear Valued Customer’ - nor does it carry any other personalised information.

It’s signed off by 'the E-Toll team'. Those who click the link inadvertently download a malicious JavaScript file housed within a zip file.

While the type of malware isn’t clear – it could be anything from a virus to ransomware – malware is generally designed to disrupt, damage or gain control of a computer system or data.

Opening statement 05062017.zip_004.png

Malware can reformat your hard drive, alter, delete or encrypt files, steal sensitive information, send unauthorised emails, or take control of your computer and all of the software on it.

Further information: Why email scammers hide behind big names

For a few dollars per staff member per month, add MailGuard's cloud-based email and web filtering solution to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network.

Keep Informed with Weekly Updates

 

^ Back to Top

Topics: cybercrime Cybersecurity Phishing

Back to Blog

Comments:


Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.

Remember:

  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Recent Posts

Posts by Topic

see all