AWIA LogoFacebookGoogle Plusicon-codingicon-computericon-designicon-drawicon-drupalicon-maintenanceicon-mapicon-wordpressLinked InTwitter

ASIC Scam email

I got an email purporting to be from ASIC this morning asking me to click on a link regarding the newal of my company. I was suspicious but came ver close to clicking that link. Very dangerous.

The text of the scam:

Please find information in the following link regarding the renewal for your company. Renewal letter Select this link(hyperlink) to view, save or print the information. This link will remain active for 30 days. If you no longer need your business name to be registered, please email us at [email protected] and include: your business name; your name and telephone number (including area code). If you have any questions, contact us at www.asic.gov.au/question

I would consider myself resonably tech savvy but I came close to doing something silly. The email itself is a bit more sophisticated than most other phishing scams. It looks almost genuine.

There were two things stopping me. One was I'm sure my name hasn't expired. I went to check the ASIC site but couldn't login. Some vague error message about technical difficutlies. The second thing was that link. I hovered over it and the url didn't match any government server. The second warning sign was that it wanted to download a zip file.

I examined the email headers which pointed to Sendgrid. Sendgrid are a legitimate email company that are used for marketing campaigns.

There are 2 explanations.

  1. A user is using Sendgrid to send out emails violating their terms and conditions.
  2. The email header was spoofed. Personally I think this is the more likely scenario.

Either way. Scam messages are a clear breach of their policies, so I have forwarded a copy of the message with the headers for them to investigate. I suspect the culprits will be long gone before Sendgrid can deal with them. If they are spoofed, then it would be good for them to know about it.

Tips for identifying a scam email

1. The message contains a threat

Usually the threats are along the lines of: Your account will be cancelled if you don't act on the email.

2. Asks for personal infomation

Don't hand over passwords. Information such as your date of birth should be kept private. It can be used to verify accounts.

3. URLS in the email don't match the sender

This is often a dead giveaway. The link says something like th tax office but hovering over the link shows a completly different address.

4. You didn't initiate the action

You don't know the company or have never had dealings with them.

5. It's too good to be true

It would be nice if had really won European lottery, the US lottery or an uncle I've never heard of from Nigeria wants to give me my inheritance. However, none of it is true.

What do do if you see one

1. Look but don't click on the links

Those links will quite possibly direct you to a malware ridden website. Most email clients will show the link address in a pop up if you hover over the link. If the link looks very complex and looks like it's trying hide something, there's very good chance it is.

2. Never download any files

Word files contain macros that can then download unwanted files. PDFs can contain bogus links. Zip files can contain anything. Do not under any circumstances unzip a file you don't trust.

3. Don't respond

Responding only tells scammers you exist.

4. In to the bin!

Mark it as junk, chuck it in to the trash an move on.

5. Report

Sometimes you see some clues in the email headers. File an abuse report. Let the organisation know about the scam.

Categories

Posts

All posts