Stay Smart Online recently issued an alert about a number of new phishing emails carrying malware which have been identified in the recent days. The emails pretend to come from a number of Australian institutions including the Australian Tax Office (ATO), the Commonwealth Bank, National Australia Bank (NAB) and Telstra. Others have also been identified mimicking MMS messages. We look at the details of these phishing emails, and the dangers malware can pose for your identity and your credit file.
By Graham Doessel, Founder and CEO of MyCRA Credit Rating Repair and www.fixmybadcredit.com.au.
It seems these phishing emails are more prolific than ever, and can be an easy trap to fall for with the untrained eye. For example, last week MyCRA received some emails via our published email addresses, purporting to be from credit reporting agency Dun & Bradstreet. The email contained a zip file which, if opened, I’m sure would have contained malware. The email looked very convincing at first glance, and was relevant to our profession in both the source and content of the email. It was only after reading thoroughly through the email that we identified it was from an international DnB – and we understood it to be a scam. DnB UK had issued an official warning to its customers and clients about this scam. But how many people would fall for it?
These fraudsters must have programs to trawl through websites, identify frequently used words, and allocate appropriate phishing emails accordingly. How advanced – and how dangerous – this process is.
Stay Smart Online has provided examples of the current ATO phishing messages which appear to be sent from payroll provider ADP, and may include malware attached as a .zip file (currently ATO_TAX_16072013.zip). The banking examples have included malware attached as SecureMessage.zip. An example of the ATO phishing email is below:
———- Forwarded message ———-
Date: Mon, 15 Jul 2013 15:35:42 -0800
From: payroll.invoices @adp com
Subject: Australian Taxation Office – Refund Notification
Australian Taxation Office 16/07/2013
TAX REFUND NOTIFICATION
After the last calculation of your fiscal activity we have determined that you are eligible to receive a refund of 6731.76 AUD.
For more details please follow the steps bellow :
– Right-click the link on the attachment name, and select Save Link As, Save Target As or a similar option provided.
– Select the location into which you want to download the file and choose Save.
– Open the file Microsoft Word file to view the details.
Sonny Stout, Tax Refund Department Australian Taxation Office
If you receive this email, simply delete it. Do not respond or open the attachment.
Stay Smart Online (SSO) says many security products are not yet identifying the attachment correctly as malware, meaning that if you open the attachment, a Trojan will attempt to install on your computer. They say detection rates are improving quickly as more security vendors add this malware definition to their products; in the meantime, your computer may be vulnerable. This is another reason to enable automatic updates for your anti-virus product.
Avoid phishing emails
Always be suspicious of unsolicited emails.
Do not click links or open attachments unless you are confident about the sender and information the email contains. The best advice is to simply delete the email.
If you are uncertain about the origin of any email you can always cross-check the information by going independently to the company or source’s website or by calling them directly.
More information
Read Stay Smart Online’s advice about avoiding phishing and advice about spam.
Information provided by Telstra’s Chief Security Specialist, Scott McIntyre.
The ins and outs of phishing scams
Phishing scams are generally emails or text messages which impersonate genuine companies in the hope of tricking victims into giving out their personal and financial information.
The aim of phishing is to steal information like bank and credit account numbers, passwords, and other crucial data. The ACCC’s Scamwatch website warns that phishing emails are not easily distinguishable from genuine corporate communication:
“Phishing emails often look genuine and use what look to be genuine internet addresses—in fact, they often copy an institution’s logo and message format, which is very easy to do. It is also common for phishing messages to contain links to websites that are convincing fakes of real companies’ home pages.
The website that the scammer’s email links to will have an address (URL) that is similar to but not the same as a real bank’s or financial institution’s site. For example, if the genuine site is at ‘www.realbank.com.au’, the scammer may use an address like ‘www.realbank.com.au.log107.biz’ or ‘www.phoneybank.com/realbank.com.au/login’.”
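The two lookalike addresses quoted above both contain the genuine domain name, which is exactly why a glance (or a naive substring search) is fooled. The following added example, not part of the original article or Scamwatch’s material, shows the check a practitioner would actually apply: parse the URL, take only the hostname, and accept it only if it is the institution’s registered domain or a subdomain of it. The sample URLs are constructed from the quoted examples plus one constructed genuine subdomain.

```python
from urllib.parse import urlsplit

# Constructed samples: the genuine site and the two lookalike patterns
# quoted from Scamwatch, plus one constructed genuine subdomain.
SAMPLE_URLS = [
    "https://www.realbank.com.au/login",
    "https://www.realbank.com.au.log107.biz/login",
    "http://www.phoneybank.com/realbank.com.au/login",
    "https://online.realbank.com.au/netbank",
]


def hostname_of(url: str) -> str:
    """Return the lower-cased hostname only: scheme, port and path are ignored."""
    if "://" not in url:
        url = "https://" + url          # urlsplit needs a scheme to find the netloc
    host = urlsplit(url).hostname or ""
    return host.rstrip(".").lower()


def belongs_to(url: str, legit_domain: str) -> bool:
    """True only if the hostname IS legit_domain or ends with '.' + legit_domain.

    A plain substring test is deliberately avoided: 'realbank.com.au' appears
    inside both lookalikes above, yet neither hostname ends with it.
    """
    host = hostname_of(url)
    legit = legit_domain.lower()
    return host == legit or host.endswith("." + legit)


def classify(url: str, legit_domain: str) -> str:
    """'genuine' if the host belongs to the institution, 'lookalike' if the
    institution's name appears anywhere in the URL but the host does not
    match, otherwise 'unrelated'."""
    if belongs_to(url, legit_domain):
        return "genuine"
    if legit_domain.lower() in url.lower():
        return "lookalike"
    return "unrelated"


if __name__ == "__main__":
    for sample in SAMPLE_URLS:
        print(f"{classify(sample, 'realbank.com.au'):10s} {sample}")
```

Run as-is it labels the first and last samples genuine and the two Scamwatch examples lookalike; swap in the real institution’s domain and a link copied from a suspect email to apply the same test.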
The ramifications of falling for a phishing scam
With phishing scams, the simple act of clicking on a link can put you in danger. Many phishing emails are designed to infect computers through virus-carrying links in the emails. This could mean that you download a Trojan or similar virus designed to steal your financial information – and you may have no idea it’s happening.
This could be dangerous for your credit file, because while you are carrying out your normal online transactions, the malware that you have unknowingly installed could be tracking passwords, financial details and personal details about you. These could be used by a clever and determined cyber-crook to build a fake identity in your name.
Suddenly credit could be accessed in your name, and you probably won’t know about it until you apply for credit yourself and are refused. This presents real problems for fixing your credit rating, because what we know about removing unfair or inaccurate listings from your credit file is that you must provide evidence and proof that you didn’t initiate the credit. This can be difficult to do when you have no idea how the theft of your information occurred. It can be a nightmare for victims.
So don’t get hooked by a phishing scam. If you receive an email that looks legitimate – go independently to the bank’s or other company’s website to verify it. Or use the official bank phone number (not the phone number presented in the email) to call the bank directly and verify that the email is legitimate.
Image: David Castillo Dominici/ www.FreeDigitalPhotos.net