Many companies that offer managed IT services also include impressive security packages for their clients. As the recent spate of phishing attacks in Australia can attest, managed IT in Sydney can improve by a notch or two when it comes to educating users to use caution when faced with a possible phishing attack.
Web and email security service provider Mailguard recently revealed that a massive phishing campaign reached Australian inboxes on the evening of 26 September. The emails were pretending to have come from Virgin Media and eFax Corporate. The Virgin Media email contains a fraudulent bill, while the eFax Corporate email informs users that an unknown sender sent them a fax. Once users click the “view bill” or “view message” icons, they would be redirected to a compromised SharePoint site that would automatically trigger a download to a ZIP file. The ZIP file contains a malicious JavaScript file, which as you probably know can wreak havoc on a computer or compromise the user’s data.
What makes this campaign seem realistic is the fact that the emails contain the appropriate branding from the companies as mentioned earlier. They seem to be “well-formatted,” included all the right logos, and in the right places. If you are a subscriber from any of them, you might be duped into thinking that you received the real thing.
However, Virgin Media only provides services to the United Kingdom. Meanwhile, the eFax scams display the originating phone number with the international dialing code 44, which is the country code for the UK. The timing of the attack was also suspect, as it reached the Australian inboxes in the evening, which is morning in the UK. This had IT services experts thinking that the campaign was primarily geared towards UK subscribers, and the Australian recipients received the emails as an overspill of the attack. After all, if you are in Australia and you received a telephone bill from the UK, you would hardly be inclined to think that it is the real thing, yes?
Despite this, IT service providers would not be remiss in their duty if they reiterate to the users the proper protocol for handling suspicious emails. If the emails came from a sender you do not know, have not subscribed to, or have heard of, then it would be for the best to ignore the message. Likewise, just because the branding is accurate does not necessarily mean that the email is the real thing. Be sure to check the sender’s address to ensure that it is from a trusted provider.
About IntelliTeK Pty Ltd
IntelliTeK is a managed IT services company in Sydney, Australia. With major vendor relationships and accreditations from the world’s leading IT companies including WatchGuard, Microsoft, Trend Micro and Amazon Web Services, IntelliTeK have kept clients happy since 2007.
IntelliTeK is always up to date with the latest cloud backup solutions which is why we only partner with the best in the industry. If your company isn’t fully equipped to fend off cyber criminals, then get in touch with us so we can discuss your options. Call us on 1300 768 779, email us at info@intellitek.com.au, fill out the web form, or have a Live Chat with us below.