Contact us

1300 GOCYBER (1300 462 923)

Call or email us today!

Contact details:

Message:

Your message has been sent successfully. Close this notice.

Cyber Insurance Quote Form

Limit of Liability

Company Details

Do you process, transmit or store more than 10,000 financial transactions per year?

Yes No, less than 10,000

Do you use and keep up to date firewalls and anti-virus protection for all systems?

Yes No

Do you use third parties to complete audits of your system and security on a regular basis?

Yes NO

Are all portable devices password protected? (mobile phones, laptops, tablets, etc)

Yes No

Do you have encryption requirements for all data including portable media?

Yes No

Do you have back-up and recovery procedures for business critical systems, data and info assets?

Yes No

Do you outsource any part of your network, including storage?

Yes, we use third party providers. No, all managed in house

Do you store sensitive information on web servers?

Yes No

Do you know of any loss payments, fines or penalties being made on your behalf?

Yes No

Are you aware of any matter which might give rise to a claim or loss under such insurance?

Yes No

Have you suffered any loss or claim but not limited to a regulatory, governmental or administrative action brought against you, or any investigation or information request concerning any handling of personal info?

Yes No

The applicant or any subsidiaries have any knowledge of any loss payments, fines or penalties being made on behalf of any applicant or any person proposed for coverage any cyber policy or similar insurance?

Yes No
Your quote request has been sent successfully, one of our brokers will contact you today! Close this notice.

Business Insurance Quote

Contact details:

Sections

Property & Contents

Yes, please quote No, thank you

Public & Products Liability

Yes, please quote No, thank you

Cyber Liability

Yes, please quote No, thank you

Theft & Money

Yes, please quote No, thank you

Computers & electronic equipment

Yes, please quote No, thank you

Business Interruption

Yes, please quote No, thank you

Machinery Breakdown

Yes, please quote No, thank you
Your quote request has been sent successfully, one of our brokers will contact you today! Close this notice.
2 years ago · by · 0 comments

March Malicious Emails Targeting Australian Business

cyber security, lock

Malicious March Madness

It’s time for the malicious emails that came up in March 2017, we will take a look at some of the most recent email scams targeting Australian businesses. Share this list with your colleagues to spread awareness of recent scams which may come across your email inbox.

To verify, report or learn more about a scam contact the ATO Scam Report or ScamWatch.

National Australia Bank

NAB customers were made aware of 2 different scams during March to look out for, one using SMS phishing and the other using email phishing. NAB updates their internal security page with fraud warnings for their customers as they discover them, we recommend monitoring these warnings if you bank with NAB.

The SMS phishing incident involved an NAB branded SMS stating that the customers card is now locked and to simply follow the included link to update security details. Of course, the link included is a malicious clone of the NAB website designed to confirm banking credentials and “unlock” the card as seen below.

banking fraud

NAB’s email phishing warning is very similar to the above text message trick, instead of a locked card the email indicates unusual activity on the customer’s account which needs to be confirmed urgently. The included link leads to a fake clone of the NAB website asking for banking and credit card credentials. As is commonly seen, the sending address was spoofed to be shown as alert@nab.com.au but the real sending address was upuxbsafde@rivals.com as can be seen below.

NAB has urged customers to contact their local branch or call 13 22 65 if they received either of the above phishing attempts.

Cyber Insurance Australia Logo

 Help protect your business from malicious emails with cyber insurance.

ASIC Renewal Notices

ASIC is a common target due to the information and regularity with which they interact with business owners. This month MailGuard reported an ASIC email which was distributed tens of thousands of times from a new email domain registered in China. The malicious emails which claim to be from the Australian Securities and Investment Commission contain a link to a malware downloader which begins an intrusion usually ending in ransomware and extortion.

We report on ASIC scams each month with no end in site, previous malicious emails can be found here and here. Similar to previous malicious emails, the government branding and ASIC logo head the page to start legitimate.  Recipients are then instructed to follow the link and renew their company information or email a legitimate ASIC email address to cancel their registration.

Instead of the legitimate ASIC domain of @asic.gov.au the email came from ASIC-Transaction.No-reply@@asic-gov-au.co and the employee sending the request “Max Morgan” does not exist either.

“These emails often have a link that provides an invoice with fake payment details or infects your computer with malware if you click the link,” the ASIC website says.

malicious email

Australian Taxation Office

Another government agency which seems to have a constant stream of malicious impersonators is the Australian Taxation Office. This month has 2 malicious emails from ATO. The first claims that the recipient’s 2016 tax return  has revealed “several inconsistencies” which can be fixed by following the link to download a report and visit their nearest ATO in person to clarify the discrepancies.

The malicious link downloads a piece of malware and begins the infection.

The second fake ATO email making the rounds this month is very similar except in this instance the recipient can receive a tax refund they weren’t aware of, free money. Simply complete the online form located in the included link and the ATO will return whichever amount was listed in the email.

 

Unlike the first email, this is a little more complex. The enclosed link directs the user to an ATO branded online form designed to gather sensitive information for identity theft and credit card fraud.

The tax office will never send a request for additional funds or discrepancies. If you receive similar emails and would like to verify legitimacy, contact the ATO.

Cyber Insurance Australia Logo

 Help protect your business from malicious emails with cyber insurance.

That is our March list of malicious emails to keep a look out for, feel free to comment with any malicious emails we missed. Each month we will be updating and reporting new malicious emails making the rounds for Australian businesses.

Subscribe and follow Cyber Insurance Australia on Linkedin & Facebook for regular updates and information. Thanks to MailGuard & Hoaxslayer, subscribe to the security blog for regular updates here.

To ensure email security for your business, contact DDM Security Systems to learn more about email encryption & protection.

Share this list with your colleagues to help spread the word before one of these nefarious emails ends up at your business.

Comments

Not found any comments yet.

Leave a reply

Your email address will not be published, and your website url is not required.

Take care of your business

Insurance for
your business future

Call us today for specialist business insurance packages.

Company information

Naga Risk Solutions Pty Ltd T/as Cyber Insurance Australia ABN 59 378 032 992. CAR 1250594

Authorised Representative for National Advisor Services Pty Ltd t/as Community Broker Network (CBN) ABN 60 096 916 184 | AFSL 233750

Financial Services Guide (FSG), Privacy Policy & Complaints & Dispute Handling, Insurance Brokers Code of Practice (FSG)

Contact details

E-mail address:
contact@cyberinsuranceaustralia.com.au

1300 GOCYBER

1300 462 923

Available 8:30am - 5:00pm

PO Box 1677, Milton LPO
Milton
Brisbane, QLD 4064

Join our monthly newsletter for:

Enter your email and stay up to date,

Subscribe to our monthly newsletter!