One of the first cyber attacks to hit 2018 is the email phishing scam using CPA Australia’s identity. Following previous styles of attack, emails are sent to dupe recipients into thinking that it is legitimate email from the company when in fact it’s intended purpose is to maliciously attack the recipient, its computer and its personal information.
The intercepted email in question poses as an invoice from CPA Australia to the recipient which includes an “invoice” attachment. The attachment is a Microsoft Word .doc file and if downloaded and opened will proceed to hijack the victim’s computer system. Hidden within the .doc file are malicious macros which operate in the background and activates itself in a trojan form (or something similar) and has the capabilities of taking over the entire system including gaining access to your personal files and data.
Upon close inspection, the email senders address (no_reply@cpaaustraliaa.com) is a fake domain and was only recently registered in China. The additional ‘letter a’ may fool some into thinking it is an authentic email. (Pictured below)
This technique isn’t anything new or out of the box but because companies like CPA Australia are attractive targets for cyber criminals, they will continue to take their chances as the rewards for success outweigh the cost of carrying such an operation. In most cases, all it takes is one successful target to fund even hundreds of similar attacks. To the untrained eye these types of emails are opened immediately without any thought of it being a phishing email.
Here at IntelliTeK we use the best email security to ensure none of these emails even hit our clients inboxes in the first place. But as with all companies, big or small, none as 100% scam-proof. Which is why we urge our clients to take extra caution when opening what appears to be regular, expect emails. If you’re a small business or just looking around for the best email security options to suit your needs and budget please get in touch with us right away – a sales representative is waiting to answer your questions.
About IntelliTeK Pty Ltd
IntelliTeK is a managed IT services company in Sydney, Australia. With major vendor relationships and accreditations from the world’s leading IT companies including WatchGuard, Microsoft, Trend Micro and Amazon Web Services, IntelliTeK have kept clients happy since 2007.
IntelliTeK are always up to date with the latest cloud backup solutions which is why we only partner with the best in the industry. If your company isn’t fully equipped to fend off cyber criminals, then get in touch with us so we can discuss your options. Call us on 1300 768 779, email us at info@intellitek.com.au, fill out the web form, or have a Live Chat with us below.