Live in Australia? Don’t open that email from ASIC.
Australians all over the country are receiving emails pretending to be from the Australian Securities and Investments Commission (ASIC). Unfortunately, this email is not from ASIC, and instead is, not surprisingly, malware. Australia is once again, under attack.
This attack began early on July 10th. The delivered email arrives with the subject line of “Renewal” and is delivered from “ASIC.Transaction.Nofirstname.lastname@example.org”. This domain was just recently registered in China.
Starting out the message with “Dear Customer” instead of a personalized correspondence, the email tells the recipient that they need to renew a business name. The email gives the option to pay via credit card, although that is simply there to make the email look more legitimate. Instead the attackers wish the reader to request an invoice. When the reader clicks the link to do so, they are actually downloading malware to their computer.
This is just the latest similar attack to land in Australia. Already this year there have been attacks delivered in much the same way in January, March, May, and just days after an attack claiming to be from the Australian Taxation Office.
Before clicking links or attachments in emails, always ensure you know what you are clicking. If there is any question, avoidance is always the best policy.