It’s that time of the month again where we highlight the latest email scams circulating the world wide web, courtesy of MailGuard.
See below some scams Aussies should be looking out for. The first is from Australia Post and the Second TPG and iinet.
Australia Post Scam
Firstly, Australia Post is being targeted by a phishing email scam where it asks users to confirm payment.
Titled “Your package is waiting for payment confirmation”, the email uses the display name “AU# AUSTRALIA POST”. The email address used in the “from:” field, however, doesn’t use a domain belonging to the postal company. The email actually originates from what appears to be a newly created domain used specifically for phishing and spam.
MailGuard says the email body informs users that their “shipment is awaiting delivery” and advises them to “confirm the payment” via a link. A link is provided for them to so, and the email ends with a copyright symbol, along with the words “Australia Post”. Hovering over the link reveals the usage of a link shortener – likely an attempt to hide the true destination of the malicious link.
Unsuspecting recipients who click on the link to confirm their payment are led to a fake Australia Post-branded page asking users for their credit card details.
This is a phishing page designed to steal users’ details. Once they submit their payment details, attackers harvested them for later use, and users are led to another page prompting them to submit an SMS code.
If you receive an email like this delete it and if possible, block the sender.
TPG and iinet Scam
Telecommunications giant TPG has been used in a phishing email scam designed to harvest confidential data of users. TPG own iinet and the scammers are using a similarly constructed email and their good reputation to trick their victims.
According to MailGuard, the TPG email is titled “important !”, the email uses the display name “Tpg Telecom” and includes the company’s branding and logo.
The email address used in the “from:” field appears to spoof a support account belonging to TPG. The email actually originates from a third party service called register.com. It informs users of a “problem” with their “current payment method” and advises them to update their payment details or risk “a delay” in their service.
The iinet email looks almost identical, but appears to come from the iiNet Billing Team, also alerting the end user to a problem with the payment of the invoice and advising them to update their current payment info to avoid an interruption of service.
In both emails there is a button for users to click, once they do they are sent to a legitimate looking TPG or iinet page, however it isn’t and is hosted in Europe.
This is a phishing page designed to steal users’ details. Once they submit their login details and “sign in”, their username and password are harvested for later use, and they are led to another page asking for credit card information.
MailGuard is stopping emails such as this reaching the mailboxes of end users. If you aren’t using MailGuard and receive an email like this, delete it immediately and if possible, block the sender.
Take Home Message
Email scams or phishing come in various forms either telling someone they’ve won money; their account has been hacked or a change in password.
If you’ve received an email from a sender that doesn’t seem familiar or a contact has sent you an email with information that doesn’t seem quite right, please flag it with us and we will review it for you.
Every month we will be sharing the latest in email scams courtesy of MailGuard.
To get a more comprehensive understanding of how to spot scam, please refer to one of our previous blogs:
Using mail protection software is a great way to control email, and reduce the chance of receiving such scam.
If you are interested in using MailGuard to add an extra layer of security to your email, reach out to us today at [email protected] or call us on 1300 770 035.
Comments are closed.