Another month and another list of email scams targeting Australian business owners. Let’s dive in and take a look at a few of the nefarious, clever and also simple ways criminals are attacking Aussies. September has been a big month, even though major media coverage has dropped off since the earlier Petya and WannaCry attacks.
Each day millions of malicious emails are sent to individuals and business owners with ever increasing sophistication. The scammers responsible for the below scams are part of well organised and funded criminal groups which put increasing amounts of effort into their activities.
Throughout September, Telstra has been impersonated multiple times by different scammers trying to leverage the telecommunications giant’s reputation and email billing system. As can be seen in the first image below, scammers have duplicated the Telstra email bill format, wording and branding from authentic bills in an attempt to increase legitimacy. Typically these scams advise that an outstanding amount is overdue and to follow the provided links for immediate payment. This scam, however, notifies many recipients that their account is actually in credit, relying on the curiosity of victims to click without looking for suspicious warning signs.
The above email link initiates a malicious file download which is designed to steal sensitive information. In this instance the scammers are using randomised account numbers, so we recommend checking for warning signs such as the sending address and a lack of personalisation. Official Telstra bills will include account holder information and personalisation.
A similar Telstra email scam made the rounds this month, not as sophisticated as the above duplicated email but just as malicious. As seen below, the email contains very few errors and ironically contains official links to other pages such as the Telstra email fraud page warning about exactly these emails.
Despite its lack of branding, many Australians were thrown by the well-worded format and a sending address very close to the official Telstra email bill address.
Xero
The below Xero email courtesy of Mailguard shows a very convincing Xero invoice which has been sent to Australian businesses. The email presents a PDF containing the invoice details in a very similar fashion to the official Xero emails. This scam relies on randomised amounts from random business names to intrigue recipients into checking the invoice.
The PDF is not an attachment but instead a link to download malware onto the recipients machine. The sending address appears to be legitimate at first glance but quickly you’ll notice the unusual ending of “@ post.xero.inc-r.com”, a good reminder to always check the sending address.
AusPost has been impersonated in the past, but this particular scam uses Microsoft OneDrive branding for the emails. The malware arrives as an “AusPost Service Notification” with a randomised subject line similar to ‘AusPost Track – 123456789 -100-98765 Monday September’. Recipients are prompted to view the delivery details in OneDrive using the link provided.
Once clicked, the link takes recipients to a random web page where they are urged to download a .zip file containing malicious software designed to encrypt their information in exchange for a bitcoin ransom. According to the Australian Government, identical scam emails have also been seen impersonating the Australian Federal Police and e-Toll.
ASIC
Similar to the previous ASIC scams we wrote about in July, April and May, the government department was once again the victim of a large run of malicious emails from cyber criminals looking to impersonate the ASIC brand and reputation.
A sample email seen below shows how well duplicated this attempt is. The spelling and grammar have very few mistakes, they have used legitimate branding lifted from official documents, and they have included links to the official privacy policy and ASIC help section. The two main red flags are the sending address, asic.transaction. no-reply@ ato.gov.autsl.com, which according to Mailguard was registered 24 hours prior in China, and the lack of individual personalisation.
Recipients are prompted to click a link to download their renewal notice. The link presents a suspicious .zip archive to download which contains malicious files designed to steal personal information. Look out for suspicious ASIC emails as they are a never ending target of impersonation by cyber criminals.
This was a small sample of the malicious emails which arrive in inboxes every day. Many scams operate in a similar fashion but use different brands for legitimacy; we will continue to report scams each month in an attempt to help raise awareness. Thanks to MailGuard for their regular blog updates on scam emails circulating in Australia.
In the event that your business is impacted by a cyber attack, data breach or email scam, cyber insurance is a cost effective way to mitigate the expenses, reputational damage and financial loss.
Subscribe to the newsletter and follow Cyber Insurance Australia on Linkedin & Facebook for regular updates and information.
It’s time for Cyber Insurance Australia to review some of the new email scams which targeted Australian businesses this July.
Today, as employee education continues to increase, criminals are very fastidious and clever with their malicious email scam attempts. No longer are the email scams poorly worded and as easily spotted by the general public. Criminal organisations are spending considerable amounts of time and money to deceive and scam Australians.
As always, ASIC makes it onto the list with another malicious attempt at using its likeness to fool unsuspecting business owners. Each month different email scams using ASIC branding are sent to millions of Australian email addresses with no end in sight. This particular scam, as seen below, informs recipients that their business name is due for renewal and tells them to simply click on the included link to download the renewal notice.
As you may suspect, the attached file is malicious and once opened could contain a virus, ransomware or other form of malicious software designed to interrupt or damage a system or data. These emails typically look well formatted with official branding from the government body or brand being impersonated. In this particular email scam the sending address “ASIC.Transaction. No-reply @ asicdesk.com” is fake and the sending officer “Myra Tango” does not appear to exist as an employee at ASIC.
We previously wrote about other ASIC scams in May, April, February and January. It is safe to say that this won’t be the end of this type of ASIC email scam; we recommend discussing typical red flags with all staff to avoid an accidental incident.
ANZ bank has had a run of very well formatted scam emails targeting its customers during July. The emails inform recipients that their account statement is ready and available to view. Banks within Australia commonly email notifications that account statements are available, but with some important differences.
As can be seen in the first screenshot, the body has been well written and the branding is official and taken from legitimate ANZ statement emails. The sender is listed as “statements@ anzcommunications.anz.com” which is the official email address used by ANZ to send their legitimate statement notifications. When hovering over the sender name the actual sending address is “statements@ anzhost.org” which is fake.
Similar to the ASIC scam above, once the recipient clicks the “view statement” button a download is launched which contains malicious software. Malware is designed to steal private information, damage or destroy data and disrupt computer systems.
The below screenshot is a legitimate ANZ statement notification email for comparison. The fake email scam even has the official Australian financial services license details, help desk number and security notice to help establish legitimacy. Official bank notifications will never include the statement or any attachments. Legitimate ANZ emails will prompt customers to view their statement online using the ANZ banking portal.
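One way to automate the sending-address check the ANZ, ASIC and Xero examples above all come down to, as an added illustration rather than code from the original posts: it parses a From: header, separates the display name from the real address, and flags any sender that carries a brand name but resolves to a registrable domain outside that brand's allowlist. The allowlist entries and the simplified public-suffix handling are assumptions made for this example.

```python
from email.utils import parseaddr

# Assumed allowlist of each brand's legitimate registrable sender domains, constructed
# for this example (anz.com matches the genuine statements@anzcommunications.anz.com
# address quoted in the post; the other entries are assumptions).
TRUSTED_DOMAINS = {
    "anz": {"anz.com"},
    "asic": {"asic.gov.au"},
    "xero": {"xero.com"},
    "telstra": {"telstra.com"},
}

# Simplified public-suffix handling so asic.gov.au counts as one registrable domain;
# production code should use the full public suffix list instead.
TWO_LABEL_SUFFIXES = {"gov.au", "com.au", "net.au", "org.au", "edu.au", "co.uk"}


def registrable_domain(host: str) -> str:
    """'anzcommunications.anz.com' -> 'anz.com'; 'ato.gov.autsl.com' -> 'autsl.com'."""
    labels = host.lower().strip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in TWO_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def check_sender(from_header: str) -> tuple:
    """Classify a From: header as 'trusted', 'lookalike' or 'unknown'.
    Returns (verdict, brand, registrable_domain). Lookalike means a brand name appears
    in the display name or address but the real sending domain is not on that brand's
    allowlist. The brand test is a plain substring match on purpose ('anzhost.org'
    contains 'anz' with no word boundary), so treat hits as a triage signal.
    """
    display, address = parseaddr(from_header)
    if "@" not in address:
        return ("unknown", None, "")
    local, host = address.rsplit("@", 1)
    domain = registrable_domain(host)
    haystack = f"{display} {local} {host}".lower()
    for brand, allowed in TRUSTED_DOMAINS.items():
        if brand in haystack:
            return ("trusted" if domain in allowed else "lookalike", brand, domain)
    return ("unknown", None, domain)


if __name__ == "__main__":
    # Constructed headers modelled on the addresses the posts describe.
    for header in ("ANZ Statements <statements@anzhost.org>",
                   "ASIC Transaction <asic.transaction.no-reply@ato.gov.autsl.com>"):
        print(check_sender(header), "<-", header)
```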
Australian banks are regular targets for a number of reasons such as high technology adoption by the Australian public. We previously wrote about similar scams mimicking NAB and Citibank in past months.
Both Origin and EnergyAustralia have had another month of email scams targeting Australians. The theme of the scams is to imitate the email invoices sent out regularly by both energy organisations. In each case this month the branding and legitimate email details have been copied almost perfectly in an effort to dupe recipients. The emails show a typical energy email bill notification showing a random amount and upcoming due date. The scam emails contain different amounts and dates in an attempt to avoid detection from security software.
Both emails have a “view bill” button which downloads a .zip file with malicious JavaScript contained within. According to MailGuard, the malicious payload is designed to:
Delay the analysis task by a long amount of time.
Steal private information from local Internet browsers.
Install itself for autorun at Windows startup.
Example of EnergyAustralia scam email
In some instances the due date has been incorrectly generated as a past date, which is one red flag for identifying these scams. Other red flags are the random sending addresses, for example “noreply@ syrenergy.com”, “reply@globalenergyfinance .com” or “noreply@ energy2u.info”. Official email billing addresses to keep an eye out for, anything else is fake:
Millions of email scams are circulated daily to unsuspecting business owners and individuals. Awareness is half of the battle against a never ending wave of scams and phishing attempts, the other half is adequate email security.
In the event that your business is impacted by a cyber attack, data breach or email scam, cyber insurance is a cost effective way to mitigate the expenses, reputational damage and financial loss.
Cyber Insurance Australia reduces the costs of cyber crime for your business.
Share this list with your colleagues to help spread the word before one of these nefarious emails ends up at your business.
The ASIC website offers the following advice for avoiding email scams:
Keep your antivirus software up to date
Be wary of emails that don’t address you by name or misspell your details and have unknown attachments
Don’t click any links on a suspicious email.
Above all, we recommend educating employees to recognise suspicious emails and unusual behaviour without curiosity getting the best of them.