New Email Scam with Malware Could Infect your Computer

Stolen ID might be used for setting up the elaborate email scam of ASIC that was designed for infecting the systems of victims with malware.

Craig McDonald, CEO of MailGuard, said that the email was sent this morning to the Australian businesses, which contains a kind of malicious software that was designed for installing malware on the computer system of the victim. Experts from cybersecurity team of the MailGuard said that the mail in all probability would download a ransomware or trojan.

The emails apparently asked customers to renew their business details through provided links which, on clicking, would activate a Javascript dropper and infect computers with malware.

MailGuard, email security vendor, released a warning suggesting that a stolen ID might was used to help for setting up the scam. Crn.com posted on April 19th, 2017, stating that the originating domain namely austgov.com got registered in China, where stern rules for registering a domain need a genuine ID to be scanned.

Craig McDonald, CEO of MailGuard, said that "Chinese authorities are strict about domain registration requirements, and anyone who wants to register a new domain requires an ID scan." He further added that this creates huge probability that the stolen ID being used by the cyber criminals for setting up the scam.

McDonald said that legitimate email infrastructure backed the domain for trying to trick the email servers to accept the fake emails. However, those following the instructions and then clicking 'Renewal letter' link - possibly persuaded by govt. branding as well as the professional-looking formatting - are straightaway in malware risk.

The email has signature of ASIC Sr. Executive Leader, Alexander Ward, however no one is matching the description appears for working at ASIC. During past week, large volume of fake emails targeting the Australians was spreading around, with separate well-made scams posing as myGov and MYOB recently.

ASIC recommends users to keep their antivirus software updated, be careful about emails which do not address recipients by name or wrong spelling of recipient's name and should be cautious of emails with unknown enclosures. If you think that the email may be genuine, then type the real URL into your browser or contact the company directly. Also, you should be alert of any strange structure of sentence or phrasing which is not common to the seeming sender.

» SPAMfighter News - 4/24/2017