Contact us

1300 GOCYBER (1300 462 923)

Call or email us today!

Contact details:

Message:

Your message has been sent successfully. Close this notice.

Cyber Insurance Quote Form

Limit of Liability

Company Details

Do you process, transmit or store more than 10,000 financial transactions per year?

Yes No, less than 10,000

Do you use and keep up to date firewalls and anti-virus protection for all systems?

Yes No

Do you use third parties to complete audits of your system and security on a regular basis?

Yes NO

Are all portable devices password protected? (mobile phones, laptops, tablets, etc)

Yes No

Do you have encryption requirements for all data including portable media?

Yes No

Do you have back-up and recovery procedures for business critical systems, data and info assets?

Yes No

Do you outsource any part of your network, including storage?

Yes, we use third party providers. No, all managed in house

Do you store sensitive information on web servers?

Yes No

Do you know of any loss payments, fines or penalties being made on your behalf?

Yes No

Are you aware of any matter which might give rise to a claim or loss under such insurance?

Yes No

Have you suffered any loss or claim but not limited to a regulatory, governmental or administrative action brought against you, or any investigation or information request concerning any handling of personal info?

Yes No

The applicant or any subsidiaries have any knowledge of any loss payments, fines or penalties being made on behalf of any applicant or any person proposed for coverage any cyber policy or similar insurance?

Yes No
Your quote request has been sent successfully, one of our brokers will contact you today! Close this notice.

Business Insurance Quote

Contact details:

Sections

Property & Contents

Yes, please quote No, thank you

Public & Products Liability

Yes, please quote No, thank you

Cyber Liability

Yes, please quote No, thank you

Theft & Money

Yes, please quote No, thank you

Computers & electronic equipment

Yes, please quote No, thank you

Business Interruption

Yes, please quote No, thank you

Machinery Breakdown

Yes, please quote No, thank you
Your quote request has been sent successfully, one of our brokers will contact you today! Close this notice.
2 years ago · by · 0 comments

May Email Scam Roundup – NAB, Origin, ASIC & more

malicious scam email

 

We will take a look at some of the most recent email scams targeting Australian businesses from May 2017. Share this list with your colleagues to spread awareness of recent scams which may come across your email inbox. Follow us on Linkedin & Facebook for regular updates.

The month of May saw the global “WannaCry” ransomware scam become first page news and infect many notable organisations in particular the National Health Service (NHS) in the U.K.

Despite the media attention many other scam emails with similar malicious intent went across the nation unreported by the mainstream media.

To verify, report or learn more about a scam contact the ATO Scam Report or ScamWatch.

 

ASIC

The Australian Securities & Investments Commission is a regularly impersonated target for scam emails, we’ve written in the past here and here about a few different types of malicious emails which have been sent from criminals posing as ASIC.

The emails which are being sent from the domain australiangovernments.com, are advising recipients to review their company renewal letter using the link provided. The link itself is pointed to malicious file named”renewal.zip” which could do numerous things including encrypting data and make a log of all keys pressed to gather important information.

Similar to previous scam emails, the communication is well worded, branded with ASIC logos and signed off by a “Senior Executive Leader” who does not actually exist. ASIC urges recipients not to let curiosity get the best of them and delete these emails immediately.

Instructions from the ASIC website – Scams Targeting ASIC Customers

Scammers pretending to be from ASIC have been contacting Registry customers asking them to pay fees and give personal information to renew their business or company name.

These emails often have a link that provides an invoice with fake payment details or infects your computer with malware if you click the link.

Cyber Insurance Australia Logo

Cyber Insurance Australia can help reduce the costs of cyber crime for your business. 

Origin Energy

A very convincing fake email has been sent in the tens of thousands this month containing near perfect Origin Energy branding. Most Australians now receive their energy bills via email instead of post which is great for the environment but has potential vulnerabilities. Scammers have replicated a common Origin email complete with logos and links to the real Origin Energy Privacy Policy to help lend further credibility to the email. Victims who clicked to download and view their bill are directed to a compromised Microsoft SharePoint account which is designed to install malicious software onto their system. The amount due will differ from email to email in an attempt to evade anti-virus software.

 

According to Mailguard, a fake domain called Originenergysolar.net was recently registered in China and the emails were sent from France.

NAB

National Australia Bank has always had a pretty consistent run with cyber criminals using their likeness for many different phishing campaigns. This scam email informs the recipient that their account has been disabled,  simply click the included link to reactivate your account, sounds easy enough. The link points to a duplicate of the real NAB website which prompts users for their NAB ID and password. A standard phishing email approach but one which still gets results.

 

In this instance the emails are coming from discharge.authority@nab.com.au. Criminals trick unsuspecting bank customers into putting their actual bank information into the fake website which is then used for unauthorised transactions.

WannaCry

By this point many Australians are aware of the “wannaCry” ransomware attack which has dominated the media more than it has dominated Australian businesses. The Prime Minister’s cyber security advisor Alastair MacGibbon told AFR, “there had been one likely case of the WannaCry ransomware attack on a small business but the impact of the attack had been limited.”
“We have not seen the wholesale impact we are seeing in the UK and Europe,” he said. “It has not affected our hospitals or other critical infrastructure.”
Experts are attributing some of Australia’s luck avoiding the scam down to a time zone difference, many Australian businesses had stopped trading for the weekend when the emails were arriving. which in turn did not give enough time for staff to view the scam email.

An attack targeting devices running Microsoft Windows which have not been updated with a security patch were the ones at risk. The purpose of the scam is to gain access to a network, encrypt the data and demand a bitcoin ransom within a short time frame or risk total data loss as can be seen in the above screenshot.

According to reports, more than 230,000 computers in over 150 countries had fallen victim to the scam yet official Australian reports indicate less than 15 Australian organisations were exposed. This attack affected many major services across the globe such as the National Health Service(NHS) in the UK and FedEx.

These scams happen every single day despite the lack of media coverage or direction from the government to raise awareness for business owners. An even more devastating variant of ransomware is already being seen by security researchers which won’t be widely reported on until it is on your doorstep.

Cyber Insurance Australia Logo

Cyber Insurance Australia can help reduce the costs of cyber crime for your business.

Feel free to comment with any malicious emails we missed. Each month we will be updating and reporting new malicious emails making the rounds for Australian businesses.

Subscribe and follow Cyber Insurance Australia on Linkedin & Facebook for regular updates and information. Thanks to MailGuard , subscribe to the security blog for regular updates here.

To ensure email security for your business, contact DDM Security Systems to learn more about email encryption & protection.

Share this list with your colleagues to help spread the word before one of these nefarious emails ends up at your business.

Comments

Not found any comments yet.

Leave a reply

Your email address will not be published, and your website url is not required.

Take care of your business

Insurance for
your business future

Call us today for specialist business insurance packages.

Company information

Naga Risk Solutions Pty Ltd T/as Cyber Insurance Australia ABN 59 378 032 992. CAR 1250594

Authorised Representative for National Advisor Services Pty Ltd t/as Community Broker Network (CBN) ABN 60 096 916 184 | AFSL 233750

Financial Services Guide (FSG), Privacy Policy & Complaints & Dispute Handling, Insurance Brokers Code of Practice (FSG)

Contact details

E-mail address:
contact@cyberinsuranceaustralia.com.au

1300 GOCYBER

1300 462 923

Available 8:30am - 5:00pm

PO Box 1677, Milton LPO
Milton
Brisbane, QLD 4064

Join our monthly newsletter for:

Enter your email and stay up to date,

Subscribe to our monthly newsletter!