Brandjacking

Published date : 2018-03-20

This month, a phishing email was sent to Australians’ inboxes purporting to be from cloud storage company, Dropbox.

The scam was picked up by email filtering company, MailGuard, on 5 March. It aimed at getting recipients’ login credentials.

The message within the email asked recipients to click on a link in order to view documents received. Usually, these types of scams lead the recipients to a fake login page where they collect the details.

After acquiring the details, cyber criminals use the accounts to store malicious files or sell the stolen credentials so others can access personal files and steal their identity in order to commit fraud, MailGuard wrote in its blog.

On 6 March, a malware scam was identified where cyber criminals hid behind South Australia-based sanitation services company, Enviro Sweep.

According to MailGuard, the ‘Tax invoice’ email contains a PDF file attached within which is a link to a malware file.

The message was sent from ‘gtaylor@envirosweep.com.au’, which MailGuard believes to be a real Enviro Sweep address.

The next Australian business to have its brand hijacked was MYOB. On 7 March, fake invoices were sent purporting to be from the accounting software firm.

According to MailGuard, the view invoice link within the message actually took recipients to a malware file instead.

The company believes that the sender addresses are likely to be real accounts which would have been compromised.

The next scam took place on 8 March, and it hid behind the brands of Australia’s largest telecommunications providers, including Vodafone, Telstra and Bigpond. The scam email used simple formatting in order to deliver a fake wire transfer receipt.

The PDF attachment carried malicious code that was activated if the file is opened, MailGuard wrote.

On the same day, a new scam was sent, this time purporting to be a Quickbooks invoice notification. In this instance, a ‘View invoice’ link took recipients to an archived file containing malware.

“Once the victim’s computer is infected with malware it may be used by cyber criminals in a number of ways: to mount botnet attacks, run ransomware, spy on computer networks or launch further email scams,” MailGuard wrote.

Original Article by ARN – https://www.arnnet.com.au/article/634434/scamwatch-round-up-dropbox-myob-vodafone-telstra/?utm_campaign=daily-pm-edition-2018-03-09&utm_medium=newsletter&eid=-4152&utm_source=daily-pm-edition