fbpx

Posts in Staysmartonline

Alert Priority HIGH: Widespread reports of COVID-19 malicious scams being sent to Australians

March 27th, 2020 Posted by Alerts, Featured, Staysmartonline 0 thoughts on “Alert Priority HIGH: Widespread reports of COVID-19 malicious scams being sent to Australians”
27 March 2020

What’s happened?
The Australian Cyber Security Centre (ACSC) is aware of a significant increase in Australians being targeted with COVID-19 related scams and phishing emails. 
 
In the last three months, the ACSC and the Australian Competition and the Consumer Commission’s (ACCC) Scamwatch has received over 140 reports from individuals and businesses across Australia. 
 
These phishing emails are often sophisticated, preying on people’s desire for information and imitating trusted and well-known organisations or government agencies. 
 
Clicking on these malicious links or visiting fake websites may automatically install computer viruses or malware and ransomware onto your device, giving cyber criminals the ability to steal your financial and personal information.
 
These scams are likely to increase over the coming weeks and months and the ACSC strongly encourages organisations and individuals to remain alert. 
 
Here are some examples of what to look out for now:
Example 1: SMS phishing scam messages offering where to get tested for COVID-19 or how to protect yourself In these examples, the SMS appears to come from ‘GOV’ or ‘GMAIL’, with a malicious link to find out where to get tested in your local area. 
 
Scamwatch and the ACSC is also aware of a SMS scam using the sender identification of ‘myGov.’ These scam messages are appearing in the same conversation threads as previous official SMS messages you may have received from myGov. 
Example 2: COVID-19 phishing email impersonating Australia Post to steal personal information
Under the pretence of providing advice about travelling to countries with confirmed cases of COVID-19, this phishing email aims to trick you into visiting a website that will steal your personal and financial information. 
Once they have your personal information, the scammers can open bank accounts or credit cards in your name, often using these stolen funds to purchase luxury items or transfer the money into untraceable crypto-currencies such as bitcoin.
  Example 3: Phishing emails pretending to be an international health sector organisation
This is an example of one COVID-19 themed phishing email where the sender is pretending to be a well-known international health organisation. The email prompts you to click on the web link to access information about new cases of the virus in your local area, or to open an attachment for advice on safety measures to prevent the spread.
 
Example 4: Phishing emails containing malicious attachments In this example, the phishing email is pretending to be from the World Health Organization and prompts you to open an attachment for advice on safety measures to prevent the spread of COVID-19. When opened, the attached file contains malicious software that automatically downloads onto your device, providing the scammer with ongoing access to your device. 
Example 5: COVID-19 relief payment scam Scammers are also sending phishing emails targeting an increasing number of Australians that are seeking to work from home, wanting to help with relief efforts or requiring financial assistance if they find themselves out of work. In this example, the email offers recipients $2,500 in ‘COVID-19 assistance’ payments if they complete an attached application form. Opening the attachment may download malicious software onto your device. How do I stay safe?The ACSC has produced a detailed report, including practical cyber security advice that organisations and individuals can follow to reduce the risk of harm.
 
You can read the report and protect yourself by following these simple steps:Read the message carefully, and look for anything that isn’t quite right, such as tracking numbers, names, attachment names, sender, message subject and hyperlinks.If unsure, call the organisation on their official number, as it appears on their website and double check the details or confirm that the request is legitimate. Do not contact the phone number or email address contained in the message, as this most likely belongs to the scammer.Use sources such as the organisation’s mobile phone app, web site or social media page to verify the message. Often large organisations, like Australia Post, will have scam alert pages on their websites, with details of current known scams using their branding, to watch out for.If you’ve received one of these messages and you’ve clicked on the link, or you’re concerned your personal details have been compromised, contact your financial institution immediately.
 More informationIf you’ve suffered financial loss from cybercrime, report it to ReportCyber at www.cyber.gov.au/report.  
 
Visit cyber.gov.au for advice to help businesses stay secure from cyber threats, whilst managing a remote workforce. 
 
To stay up to date on the latest online threats and how to respond, sign up to the Stay Smart Online Alert Service, www.staysmartonline.gov.au/alert-service.
 
More advice and support is available on our Get help page.
 
For information on the COVID-19 pandemic, visit https://www.health.gov.au    The information provided here is of a general nature. Everyone’s circumstances are different. If you require specific advice you should contact your local technical support provider. Feedback
Thank you to those subscribers who have provided feedback to our Alerts and Newsletters. We are very interested in your feedback and where possible take on board your suggestions or requests.    
 
Disclaimer
This information has been prepared by the ACSC. It was accurate and up to date at the time of publishing.
This information is general information only and is intended for use by private individuals and small to medium sized businesses. If you are concerned about a specific cyber security issue you should seek professional advice.
The Commonwealth and all other persons associated with this advisory accept no liability for any damage, loss or expense incurred as a result of the provision of this information, whether by way of negligence or otherwise.
Nothing in this information (including the listing of a person or organisation or links to other web sites) should be taken as an endorsement of a particular product or service.
Please note that third party views or recommendations included in this information do not reflect the views of the Commonwealth, or indicate its commitment to a particular course of action. The Commonwealth also cannot verify the accuracy of any third party material included in this information.

More details: https://www.staysmartonline.gov.au/alert-service/widespread-reports-covid-19-malicious-scams-being-sent-australians
CONTACT US
Facebook: www.facebook.com/staysmartonline
Email: staysmart.online@defence.gov.au
Web: www.staysmartonline.gov.au
You are receiving this message at the address shendon@gobbill.com.au.
If you no longer wish to receive this information, you can unsubscribe. © 2020 Australian Government.All rights reserved.

ACCC Scamwatch received 5000 reports of fake billing scams in the last 12months. Scammers impersonating energy and telecommunications companies via email.

April 24th, 2018 Posted by Alerts, Internet Safety, Staysmartonline 0 thoughts on “ACCC Scamwatch received 5000 reports of fake billing scams in the last 12months. Scammers impersonating energy and telecommunications companies via email.”

Beware of scammers impersonating energy and telecommunications companies

Source: ACCC Swamwatch 24 April 2018

The ACCC is warning consumers to beware of scammers impersonating energy and telecommunications providers and demanding payments.

Scamwatch has received 5000 reports of fake billing scams in the last 12 months, with reported losses of close to $8000.

“The scammers typically impersonate well known companies such as Origin, AGL, Telstra and Optus via email, to fool people into assuming the bills are real,” ACCC Deputy Chair Delia Rickard said.

“They send bulk emails or letters which include a logo and design features closely copied from the genuine provider. The bill states the account is overdue and if not paid immediately the customer will incur late charges or be disconnected.”

“Alternatively, the bill may claim that the customer has overpaid and is owed a refund or it may simply say the bill is due and ready to pay,” Ms Rickard said.

New South Wales residents reported the highest number of incidents of the fake billing scam, with 1779 households reporting being victims, compared to 1275 in Queensland and 1245 in Victoria, 485 in Western Australia, 462 in South Australia, 132 in the ACT, 117 in Tasmania and 38 in the Northern Territory.

 

“Older Australians should particularly be wary of emails pretending to be from utility companies, with people over 65 reporting the most fake utility billing scam incidents,” Ms Rickard said.

“I advise consumers to contact their communications or energy provider directly via the company’s official channels to verify that the email or letter is actually from them.”

“Customers should never use the contact details provided on the suspicious email or letter but instead use an independent source to locate contact details such as a past bill or the phone book.”

In one case reported to the ACCC, a customer received a fake Telstra bill in the mail. The bill stated the customer’s account was overdue and immediate payment was needed. The customer dialled the phone number provided and was asked for his date of birth and driver’s licence number to confirm his identity.

“If customers are duped into phoning scammers they will then attempt to steal as much personal information as they can,” Ms Rickard said.

Other tips on how consumers can protect themselves:

If you receive a bill outside of your normal billing cycle, or don’t expect to receive an overdue notice, call your provider to check whether it is legitimate.
If you are not a customer of the company simply delete the email.
Never click on links or open attachments in an email from an unverified sender – they may contain a malicious virus.
Never send money or give credit card details, online account details or personal information to anyone you don’t know or trust and never by email or over the phone.
Keep your computer secure – always update your firewall, anti-virus and anti-spyware software, and only buy from a verified source.

— End —

 

Gobbill is featured in media across Australia

February 13th, 2018 Posted by Case Studies, Gobbill News, Internet Safety, Product Features, Startup, Staysmartonline 0 thoughts on “Gobbill is featured in media across Australia”

Co-founders Quentin Marsh and Shendon Ewans originally came up with the idea for Gobbill in a local pub. The initial concept was to help people pay bills on time.

However, when Shendon’s father fell victim to an email scam and lost his savings, Shendon and his brother Simon (a software engineer with Gobbill) took action. Email scams are rapidly increasing across Australia and around the world. Gobbill has now built in extra fraud protection and offers a solution for those looking to protect themselves from potential email scams.

Read the Sydney Morning Herald article.

Read The Age article.

 

ACCC reports online scam losses total nearly $37 million so far in 2017. 45 to 54 y/o most likely to lose money.

October 10th, 2017 Posted by Alerts, Internet Safety, Staysmartonline 0 thoughts on “ACCC reports online scam losses total nearly $37 million so far in 2017. 45 to 54 y/o most likely to lose money.”

This Stay Smart Online Week (9-13 October), the ACCC is warning the community to watch out for common online scams they might encounter.

The online sphere – email, the internet, social media and mobile apps – has overtaken telephones as scammers’ preferred tool of the trade to contact potential victims. In 2017, the ACCC’s Scamwatch site has received more than 51,000 reports of scammers trying to con people online. Online scam losses total nearly $37 million so far in 2017, with people aged 45 to 54 most likely to lose money.

 

Video transcript.

“It’s difficult to spot a scammer online these days as they  go to great lengths  to trick the public and steal personal information and money,” ACCC Deputy Chair Delia Rickard said.

The top three scams that people are most likely to encounter online are:

  • Phishing – often delivered via email, scammers will pretend to be from well-known businesses and government departments to con unsuspecting victims out of their personal information and money. For example they might say they’re from Apple and you need to reset your password for security reasons, or they may offer you a gift voucher to a major supermarket for completing a ‘survey’.
  • False billing – scammers will pretend to be from a utility provider such as your phone or energy company and send you a fake bill. These scams can be very hard to pick as the fake bills scammers send look authentic.
  • Buying and selling – scammers will trick people who are looking to buy or sell goods online. For example, they may set up a fake online store that sells well-known brands at seemingly too-good-to-be-true prices; or they may set up a fake listing on a classifieds website.

Ms Rickard said there are some simple techniques members of the public can employ to avoid being stung by a scammer online.

“While scammers are often after your money, they’re also trying to steal your personal information, which is just as valuable. It’s important to safeguard your personal details online the same way you would your wallet,” Ms Rickard said.

“If you’re ever contacted out of the blue, particularly via email, by someone asking you to pay a bill, complete a survey or update your passwords, it pays to be sceptical. If it seems too good to be true, it probably is.”

“If you’re unsure about the legitimacy of something online like a store, classified listing or email you receive, do you own research as others who have been stung by scammers will often post warnings for others. There are also plenty of very useful tips and advice at www.scamwatch.gov.au to avoid being stung by online scams,” Ms Rickard said.

Source and to see more information about Stay Smart Online Week.

Australians lost $12.5M to scams last month. Older women are the hardest hit.

September 22nd, 2017 Posted by Alerts, Financial Management, Gobbill News, Staysmartonline 0 thoughts on “Australians lost $12.5M to scams last month. Older women are the hardest hit.”

Gobbill processes 3 times more bills in the last month of each quarter, with installments such as council rates and some electricity bills coming up for payment. This makes this period the ideal time for scammers to target individuals with fraudulent bills.

It’s always good to keep a close eye on your email inbox. Statistics show that online scams are a growing issue, with huge losses to scams over August this year. Australians lost $12.5M in scams last month (August 2017), which is almost double compared to the same time last year. Email fraud makes up an estimated 27% of all scams, with an estimated total of $3.4M lost last month. The hardest hit by scams are older women. Apart from being aware and cautious of scams, keep yourself protected with Gobbill to help check and pay email bills.

August 2017 – Number of reports by Age and Gender

Source: Scamwatch

 

Gobbill is a partner of the Commonwealth Government Stay Smart Online program. In recent months, the Government Cyber program has issued a number of alerts of new phishing emails carrying malware. The emails pretend to come from a number of Australian institutions including Telstra, Origin Energy and AGL.

Find out more about Gobbill. It’s free to use service that protects you from email bill scams.

EnergyAustralia dragged into major phishing scam

June 21st, 2017 Posted by Alerts, Internet Safety, Staysmartonline 0 thoughts on “EnergyAustralia dragged into major phishing scam”

EnergyAustralia is being impersonated by cyber criminals in a malware campaign reports  IDG ARN. EnergyAustralia has become the second local energy provider caught up in a major email phishing scam after a “large volume” of malicious emails recently began hitting Australian inboxes, according to email security company, MailGuard.

The Melbourne-based company said the realistic-looking email masquerades as an invoice from the energy company, advising customers that the invoice is due in the coming days. Read more at ARN. EnergyAustralia has also issued their own warnings of the fake bills and provided advice to check on the source/sender of the email. Read more at EnergyAustralia.

 

High Alert for ransomware issued by Australian Government cyber security agency.

May 14th, 2017 Posted by Alerts, Internet Safety, Staysmartonline 0 thoughts on “High Alert for ransomware issued by Australian Government cyber security agency.”

Australian Cybercrime Online Reporting Network (ACORN) has today issued a high priority alert to beware of the same ransomware disrupting organisations globally, including the UK’s National Health Service.

What can you do? Keep safe by applying software updates and backing up your data regularly. Use Gobbill to check and pay your email bills. You don’t need to know if it’s a fake bill and you don’t need to click on any links. Simply forward the email to your own @gobbill.com email address and it’s taken care for you. Read more gobbill.com.au

Last week, hackers used tools believed to have been developed by the US National Security Agency which has infected tens of thousands of computers in nearly 100 countries, disrupting Britain’s health system and global shipper FedEx. Australian Cyber Security Centre is tracking the attack campaign which goes by various names including WannaCry. It leverages known vulnerabilities in Microsoft Windows patched since March 2017 making this disruption and impact preventable.

ACORN reports that they are continuing to monitor the situation closely.

——–

New Gobbill users can sign up for a FREE account at gobbill.com.au.

Follow us on Facebook/gobbill to receive further alerts.

 
What is Ransomware?

Ransomware is malicious software that makes data or systems unusable until the victim makes a payment. In this case, cyber extortionists tricked victims into opening malicious malware attachments to spam emails that appeared to contain invoices, job offers, security warnings and other legitimate files reports The Sydney Morning Herald. 

About ACORN.

ACORN provides information on how to recognise and avoid common forms of cybercrime, such as hacking, online scams, online fraud, identity theft, attacks on computer systems and illegal or prohibited content, as well as offering advice to those who have fallen victim.

National Consumer Fraud Week (15–19 May)

May 14th, 2017 Posted by Internet Safety, Staysmartonline 0 thoughts on “National Consumer Fraud Week (15–19 May)”

Source: ATO and ACCC ScamWatch

According to the ACCC, increasing numbers of Australians are encountering—and losing money to—scams on social media. If you use social media, we encourage you to be particularly alert for dating and romance scams and fake trader scams. … financial losses that are usually impossible to recover. Here are some tips from ACCC’s ScamWatch [http://bit.ly/2pEshwY] on how to protect yourself.

For businesses, the ATO says – don’t give fraudsters a chance. It’s a timely reminder to review all information security practices in your business, including storage of client information and taking stock of who has access to your systems. Implementing a few simple practices can save you money and stress. Read the ATO’s Top cyber security tips for business [http://bit.ly/2pqH5UG].

Origin Energy email scam targets tens of thousands of Aussies with fake bill

May 12th, 2017 Posted by Alerts, Internet Safety, Staysmartonline 0 thoughts on “Origin Energy email scam targets tens of thousands of Aussies with fake bill”

A hoax Origin Energy bill loaded with dangerous spyware has targeted tens of thousands of Australians. The well-crafted email branded with the energy provider’s official logo claimed to be an electricity bill for varying amounts, with one sighted by Fairfax Media as high as $911. Source: The Age. Read more

Example:

Beware of Google Docs phishing scam

May 4th, 2017 Posted by Alerts, Staysmartonline 0 thoughts on “Beware of Google Docs phishing scam”

Users are warned to be aware of a reported phishing scam involving a fake invitation to share a Google Docs document.

The scam sees a user receive a legitimate-looking email that may appear to be from a trusted contact inviting them to share a document on Google Docs.

Users who click on the link are directed to screens that request permission for a malicious service to access their email account, contacts and other sensitive information. If a user grants permission, the malicious service can impersonate the user when sending messages on to other Google email users.

Users may also face the risk of having information and messages from their email accounts compromised.

The scam reportedly targets Google personal and corporate email accounts.

Click here for more information.

Source: Beware of Google Docs phishing scam | Stay Smart Online