Category Archives: Phishing

PayPal Phishing Email

An email claiming to be from PayPal advises the recipient that their PayPal account has been limited. To rectify the problem, the email asks you to log in to your PayPal account.

The link leads to a phishing page designed to steal your PayPal credentials. If you sign in on that page, your credentials (PayPal account username and password) are sent to the attacker, who can then use your PayPal account to make purchases on the internet.


Telstra Phishing Email

Be wary of a Telstra phishing email doing the rounds. The email advises the recipient that their latest Telstra bill is available to download. Clicking the link presents you with a zip file containing a malicious JavaScript file. When run, this JavaScript file downloads a Trojan onto your PC. A Trojan allows an attacker to remotely access your PC: the attacker may be able to watch what you are doing, steal passwords, or install other malware, such as ransomware, onto your PC.

Phishing

There are many variants of phishing emails that do the rounds. Often I will do a write-up on a phish that looks most authentic and has managed to get past my spam filtering, as in the past with the NAB, Commbank, and MyGov phishing emails.

Phishing emails work by baiting the victim into clicking a link, opening an attachment, or replying with information. Phishing plays on a sense of urgency, a trick the scammer uses to push the victim into taking the bait before thinking it through.

Links may lead to a website designed to harvest credentials for email, financial services, or other websites. Attachments may lead to malware infection, such as ransomware. Emails that ask you to reply with information may ask for personal details to use for identity fraud, or ask for credentials for online services.

Another type of phish, with a much higher success rate, is spear-phishing. This is a targeted attack, meaning the phish is sent to one user. Before sending a spear-phishing email, an attacker needs to research the individual. The more information the attacker can gather, possibly from oversharing on social media, the higher the chance the user will take the bait.

A spear-phish is used when the attacker has a goal in mind. The goal might be to compromise the organisation in which you work. In this case the attacker will do their homework and send you a specially crafted email. This email could appear to come from your boss or other work colleagues. The attacker, posing as another employee, might ask for your latest password for the financial system, or ask you to check over an attached document. The document could contain malware allowing the attacker to infiltrate the company network.

Phishing can be very hard to protect against, but there are some steps to take:

  • Don’t act on a sense of urgency. This is a tactic used by an attacker to lower your guard and deny you the time to properly analyse the request.
  • Double check that the sender is legitimate. If you receive a request for sensitive information, confirm that the person you received the request from is who they say they are. Contact them via another means, e.g. by telephone, but don’t call the number provided in the suspect email.
  • Scan links and attachments with a service such as VirusTotal.
  • Ask a friend for advice. Even if the friend is not tech savvy, sometimes talking about something out loud will help you to see it is a scam.
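The checks above (slow down on urgency wording, verify the sender, scan links and attachments) and the Telstra lure described earlier (a zip attachment hiding a JavaScript file) can be turned into an offline triage script that a help desk or analyst runs over a suspicious message before anyone clicks. The following is an added example, not code from this blog: the sample email is constructed inline (no real addresses or payload), the brand-to-domain table is an illustrative assumption, and the SHA-256 it prints is the value you would look up on VirusTotal rather than a live query.

```python
# Added example: offline triage of a suspicious email. Sample message and
# brand/domain table are constructed for illustration, not taken from the post.
import hashlib
import io
import re
import zipfile
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser
from email.utils import parseaddr

# Extensions that, inside a zip lure, indicate a script or executable dropper
# rather than a document (the Telstra lure carried a .js inside a .zip).
SCRIPT_EXTENSIONS = (".js", ".jse", ".vbs", ".vbe", ".wsf", ".hta",
                     ".exe", ".scr", ".lnk", ".bat", ".cmd", ".ps1")
# Wording that manufactures urgency. A hit is a reason to slow down, not a verdict.
URGENCY_PHRASES = ("limited", "suspended", "immediately", "within 24 hours",
                   "urgent", "verify your account", "act now")
# Assumed brand -> legitimate sender domains; confirm against each brand's own guidance.
BRAND_DOMAINS = {"paypal": ("paypal.com",), "telstra": ("telstra.com", "telstra.com.au")}
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)


def build_sample_message() -> bytes:
    """Constructed lure resembling the ones described above (not a real email)."""
    zip_buf = io.BytesIO()
    with zipfile.ZipFile(zip_buf, "w") as zf:
        # Double extension: a 'PDF' that is really a script. Content is an inert placeholder.
        zf.writestr("Telstra_Bill_4412.pdf.js", b"// constructed placeholder, not a real script\n")
    msg = EmailMessage()
    msg["From"] = "Telstra Billing <billing@example.invalid>"
    msg["To"] = "customer@example.invalid"
    msg["Subject"] = "Your latest Telstra bill is available"
    msg.set_content("Your account has been limited.\n"
                    "Download your bill immediately:\n"
                    "http://example.invalid/bill\n")
    msg.add_attachment(zip_buf.getvalue(), maintype="application",
                       subtype="zip", filename="Telstra_Bill.zip")
    return msg.as_bytes()


def _body_text(msg) -> str:
    """Subject plus every non-attachment text part, joined for keyword and URL scans."""
    parts = [str(msg["Subject"] or "")]
    for part in msg.walk():
        if part.get_content_type() in ("text/plain", "text/html") and not part.is_attachment():
            parts.append(part.get_content())
    return "\n".join(parts)


def extract_urls(msg) -> list:
    return sorted(set(URL_RE.findall(_body_text(msg))))


def urgency_hits(msg) -> list:
    low = _body_text(msg).lower()
    return [phrase for phrase in URGENCY_PHRASES if phrase in low]


def sender_brand_mismatch(msg) -> bool:
    """True when the display name invokes a brand but the address comes from elsewhere."""
    name, addr = parseaddr(str(msg["From"] or ""))
    domain = addr.rsplit("@", 1)[-1].lower()
    for brand, domains in BRAND_DOMAINS.items():
        if brand in name.lower() and not any(domain == d or domain.endswith("." + d) for d in domains):
            return True
    return False


def inspect_zip(data: bytes) -> list:
    """Names of zip members that look like scripts or executables."""
    hits = []
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            hits = [m for m in zf.namelist() if m.lower().endswith(SCRIPT_EXTENSIONS)]
    except zipfile.BadZipFile:
        hits.append("<not a valid zip>")
    return hits


def attachment_findings(msg) -> list:
    findings = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        name = part.get_filename() or "<unnamed>"
        finding = {"filename": name,
                   "sha256": hashlib.sha256(data).hexdigest(),  # hash to look up on VirusTotal
                   "script_members": []}
        if name.lower().endswith(".zip") or part.get_content_type() == "application/zip":
            finding["script_members"] = inspect_zip(data)
        findings.append(finding)
    return findings


def triage(raw: bytes) -> dict:
    """Parse a raw RFC 5322 message and return the findings plus a list of flags."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    attachments, urls, urgency = attachment_findings(msg), extract_urls(msg), urgency_hits(msg)
    flags = []
    if urls:
        flags.append("contains_links")
    if any(f["script_members"] for f in attachments):
        flags.append("zip_with_script")
    if urgency:
        flags.append("urgency_language")
    if sender_brand_mismatch(msg):
        flags.append("sender_brand_mismatch")
    return {"from": str(msg["From"]), "urls": urls, "attachments": attachments,
            "urgency": urgency, "flags": flags}


if __name__ == "__main__":
    for key, value in triage(build_sample_message()).items():
        print(f"{key}: {value}")
```

Run against the constructed message it raises all four flags: a link to check, a zip whose member has a double extension ending in .js, urgency wording, and a display name claiming Telstra while the address is from an unrelated domain. On a real message you would feed `triage()` the saved .eml bytes and submit the printed SHA-256 to VirusTotal instead of opening the attachment.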

Report a Scam

Phishing and other scams can be reported to Scamwatch.