OJ Computers - Meeting all your IT needs since 1995!

Online scams for 2019

The following are some of the latest email scams we've become aware of.  The list is by no means conclusive and there appears to be new ones every day.  Many seem to be coming from reputable brands such as banks, telcos and even government agencies but closer looks can reveal that the senders are not who they say they are.
Fake and scam emails can result in damage to your computer, hacking into your financial accounts, password and identity theft (among other risks).

Simple checklist when dealing with emails:

  • Do not open any attachment or click on any link unless you are absolutely sure that the email is genuine.
  • Check the sender's email address - the majority are from overseas email addresses (no au on the end)
  • If you don't know the sender or where the email is from DELETE it
  • If you know the sender but aren't sure about the content contact the person who sent it to verify it's genuine ... but not by simply replying to the email

Emotet Trojan is back - attachment warning

30 October 2019:


If you receive an email with a Word or PDF document attachment, do not open it unless you are absolutely sure of it’s origin.  The attachment could contain an extremely malicious virus called ‘Emotet’.  The emails are often made to appear as if they have come from someone you know.

There is hidden code in the attachment which, if opened, allows hackers to access and control the targeted device.  Once the device is infected, Emotet then forwards itself to all the user’s email contacts in an attempt to spread itself further.  It can also steal passwords from installed applications and can spread further malware to the device, including ‘Trickbot’, which allows the hacker to harvest emails and credentials. 


23 October 2019:

Paypal customers be warned - don't click this email ...
Paypal customers are being warned about this bogus email.
Do not click on anything on the email.
You're advised if you receive emails like this to log directly into the relevant account to check for any messages or problems.

Warning: Don't click the attachment

23 October 2019:

This email (or similar) is popping up in Inboxes .
You’ll notice that the ‘From’ name does not match the email address. The ‘Subject’ of the email is similar in each case, but the content of the email varies. Also, the attachment name varies but, when opened, it goes to the same web page with a link to open an Invoice.

Do not click on the attachment!


21 October 2019:

WARNING: Delete this email from ANZ Bank

As you know, banks don’t send emails asking you to action any changes to your account! If you receive one similar to this, it is a Phishing email – DELETE!

Dangerous attachment - do not open

15 October 2019:

Here's a warning about a malicious attachment that is emerging this week.
This email is popping up in some Inboxes, 

Suspicious email from your own email

10 October 2019: If you receive an email similar to the one at right it appears to come from your company admin, but is a Phishing email.  Do not click on any of the links - DELETE immediately!

Malicious Hubdocs Alert

10 September 2019:

This malicious ‘Hubdocs Alert’ email arrived in a few Inboxes today. If you receive one, do not click on any links – DELETE immediately.

Fake message about email inbox

30 August 2019:

If you receive an email similar to the one below, it is not genuine, it is a Phishing email.  DO NOT CLICK ON THE LINK!  It goes to a fraudulent login page and asks for your PC/Email password.

DELETE immediately.

SharePoint target for scam

13 August 2019:

SharePoint is the latest platform to be targeted by scammers.
If you receive a company “SharePoint Management” email, it is a Phishing email - DELETE IT!
The “Preview File” link takes you to a very good copy of a personalised Microsoft login page.

Phishing email alert

13 August 2019:

Here’s another Phishing email – this one sends you to a malicious website and a fake Dropbox login!


MyGov Scam Alert

5 August 2019:

If you receive a myGov email, make sure it is from myGov!

Scammers have set up a clone of the myGov website to trick you into sharing your login and bank account details.

The scam starts with a phishing email that looks like it is from Medicare, asking you to update your Electronic Funds Transfer (EFT) details, so you can start receiving payments for Medicare benefits and claims.


If you click on the link in the email you are taken a replica of the real myGov website. You’ll note the URL includes ‘.net’ instead of ‘.gov.au’, which is an indication the website is not a legitimate Australian Government domain!

If you input your login details you are directed to also enter your secret security question and answer, before you’re taken to the fake Medicare website to input your bank account details.


These emails and web pages feature myGov and Medicare design and branding, making them appear legitimate.

Remember, clicking on the link and sharing your details gives these scammers access to your personal information, which they then use to steal your money and identity!

Warning on DocuSign scam

23 July 2019:

Here’s a Phishing email to watch out for – albeit an obvious one!


If you use DocuSign, make sure you double check the sender before continuing and if you’re still not sure contact the sender.

Watch too as there are also emails with fake links to invoices entering inboxes around the same time purporting to also be from the same company.

Delete any of these emails immediately.

Extremely dangerous email

18 July 2019:

If you receive an email similar to this one, DELETE IMMEDIATELY – IT IS EXTREMELY DANGEROUS!


Do not forward the original email to anyone.

Warning on invoice email

18 July 2019:

If you receive email similar to this one with a .img file attachment, DO NOT OPEN OR CLICK ON IT!  Delete immediately.

Malicious fake DHL email

1 July 2019:

If you receive an email supposedly from DHL, make sure you check the Sender’s email address before clicking on any link - the link in this one goes to an extremely malicious website.



Don't get scammed on domain name renewals

26 June 2019:

Warning to businesses on domain name scams:
If you receive an email similar to the one below, it is a scam – delete it!
These unsolicited emails offer to register your domain name with a different extension, e.g. ‘spectrumcomputers.info’ for ‘spectrumcomputers.com.au’.
Businesses will often register more that one domain name extension to help increase traffic to their website but, if required, it should be done through their existing registrar and not from an unsolicited source.
Always check thoroughly if it is your actual complete domain name before paying for any renewal.

Warning on link to malicious website

24 June 2019:

Beware of emails like this or similar – this one goes to a malicious website!

Phishing email about your inbox

17 June 2019:

If you receive an email similar to this one, it is not genuine - it is a Phishing email!  Do not click on the link, DELETE immediately.

Fake Office 365 file deletion alerts

6 June 2019:
Phishing Emails Pretend to be Office 365 'File Deletion' Alerts
A new phishing campaign is underway that pretends to be from the "Office 365 Team" warning recipients that there has been unusual amount of file deletions occurring on their account.
The phishing scam, shown at right, pretends to be a warning from the Office 365 service that states a medium-severity alert has been triggered. It then goes on to say that there has been high amount of files deletions occurring in their Office 365 account and that they should review the alerts.


If you click on the "View alert details" link, you will be brought to a fake Microsoft account login page that prompts you to login.  Just to make things more confusing for you, the scammers are using secure website hosting (padlock in address field), but the address is definitely not Microsoft!

Warning on phishing email

24 May 2019: 

If you receive an email similar to this one, it is a Phishing email.  It takes about three steps to reach a fraudulent Microsoft login page!
You are advised to delete it immediately.

More fraudulent Xero emails

20 May 2019:

There are a few fraudulent Xero emails coming through at the moment – note the ‘From’ email address!
If you don't recognise the address, or it doesn't match the information in the email, DELETE immediately.

Do not click on any links unless you're sure they are from a trusted source.

Image goes to phishing link

16 May 2019

Watch out for this email as the image itself is a link to a phishing scam.


Fraudulent Apple email

15 May 2019:
Watch out for this fraudulent Apple Phishing email – DO NOT CLICK ON THE LINK!

Phishing email ... do not click

If you receive an email similar to this one, below, IT IS NOT GENUINE.  These are Phishing emails - do not click on any links.

Delete immediately!


3 May 2019:

Here’s a new one to watch out for – definitely malicious! It opens a PDF, but also has a .zip file download.

Watch for fake Optus invoices

30 April 2019:

Fake invoices from Optus are the latest scam to enter our inboxes today.
Note that the Sender’s address is not Optus!

Do not click on the “View Bill” button!  DELETE!!!


Fake UNITI invoices

29 April 2019:

Watch out for this malicious “Uniti” email, in particular those who use Uniti as their Internet Provider!


Beware malicious email attachments

24 April 2019:

A warning has been issued about not opening email attachments if you're not familiar with the sender or the content.
If you receive an email similar to these, do not open the attachment – DELETE immediately.
The attachment includes malicious content.

Malicious voice mail message link

16 April 2019:
Here's a new twist on the usual scam emails.
It suggests you need to click on a link to retrieve a voice message.
You're advised to DELETE IMMEDIATELY.
The link goes to an unsecure website.


Nasty HSBC email with PDF file

15 April 2019:

Here’s a new one; this time looking as if it comes from HSBC! 
There’s a malicious .zip file download behind the PDF link.
You are advised to delete the email immediately.

Malicious Invoice2Go emails

15 April 2019:

Here’s one we haven’t seen for a while, fake invoices from “Invoice2go”.  

Note the sender email address, if it's not one you immediately recognise, delete immediately.

Do not click on the link - it goes to a malicious website.



Iron Mountain Australia Group malicious email

11 April 2019:

This malicious email is doing the rounds today.  The invoice number on each email is the same, but Sender’s address changes and the links go to a malicious website.



Watch out for fake Dropbox file links

8 April 2019

Warning on fake Dropbox emails:
If you receive an email with a Dropbox file link from a company or someone you know, but are not expecting anything from them, check with the sender first before following the link.
The emails look legitimate, but are most likely Phishing emails.

You are advised to delete them immediately.

Hackers send fake hacking emails

2 April 2019:

If you receive emails similar to the examples shown here, they are Spam and should be deleted immediately.  The sender has not hacked your system or device.


New twist on Xero scam

2 April 2019:
The malicious Xero invoices are still around and the ‘From’ addresses are getting trickier!
Do not be fooled!!!   Make sure to check the address in angle brackets - the CORRECT Xero address is ‘<subscription.notifications@post.xero.com>’  

Fake Officeworks invoices - delete them

28 March 2019:

It’s fake Officeworks emails today.

If you receive an invoice via email from Officeworks please check the sender's email address before clicking on any links.

Malicious fake Telstra email

26 March 2019: The scam Telstra emails are back again!!!   
The links go to a malicious website - delete immediately!

Fake Energy Australia bills ... again

26 March 2019:

The fake Energy Australia bills are back again, too!    Check the sender’s address – not from Energy Australia!

Fake MYOB invoices hit inboxes

26 March 2019:
Last week it was fake Xero invoices ... this week it's fake MYOB invoices.

Remember to check the Sender’s email address – also, the Subject line could change.

You're advised to delete them immediately if something looks suspicious.

Fraudulent Xero invoices

22 March 2019:

We now have fraudulent Xero subscription invoices coming through.  Note the sender’s email address.   DELETE!!!

We advise everyone to check the sender address when receiving any emails, but particularly those from Xero while the current hoaxes are being distributed.

ASIC cancellation email scam

21 March 2019:

There's a new twist in the ASIC email scams ... this time the scam emails warn that your listing is about to be cancelled.
The “Intent to cancel” emails coming through today are not genuine!
Check the Sender’s email address, it is not from ASIC.
Delete immediately.

AGL phishing emails are back

21 March 2019:

The AGL Phishing emails are back! Note the sender’s email address – it is not from AGL. You're advised to look closely if you are expecting an AGL bill via email.

Delete if it appears to not be genuine. If you aren't sure contact us for advice.

Ransomware infection warning

20 March 2019: There is a Ransomware Infection (Ransom.Troldesh, aka Shade) currently being spread by malicious email attachments, usually zip files, presented to the receiver as something “to be opened quickly”.  If clicked on, your PC will immediately be encrypted and a ransom note will pop up on your desktop. 

As the sender in Troldesh emails is commonly ‘spoofed’ (sender pretending to be someone else), we can surmise that the those behind this campaign are ‘phishing’, (fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising as a trustworthy entity) hoping to pull the wool over users’ eyes in order to get them to open the attachment.

Always double-check any email and if you’re not sure of any attachment or link, please contact me.

Beware the "failed message" email

8 March 2019

Beware of emails saying you have failed incoming messages.  The messages appear to be coming from your company, but are Phishing emails.  DELETE immediately.

Cleanaway a target for fake email

28 February 2019

If you’re a Cleanaway customer and receive an ‘Overdue Account’ email make sure you check the Sender’s email address before clicking on any links.   It is most likely a Phishing email looking to steal credit card details.   Please DELETE!

Xero subscription fake email

26 February 2019

Our inboxes are being filled with fake Xero subscription invoices this week.
The first thing to do with any email is check the ‘From’ address before clicking on any link.
Note that the Sender’s email address is not from Xero. For your reference, the Xero ‘From’ address is <messaging-service@post.xero.com>.

Many businesses now use Xero Accounting, so it is important to be able to identify a genuine Xero email.

New version of fake ASIC renewal

21 February 2019
Our inboxes have been bombarded today with yet another version of the fake ASIC renewal notice.

Note: the ‘From’ address is not ASIC.


Emails from colleagues may be a problem

18 February 2019

Beware of emails supposedly coming from a work colleague or someone you know asking, “Let me know if you’re free.”, or similar.

If you reply, they will continue dialog and may ask you to purchase $? amount of gift cards, send them the codes and also tell you to make sure the cards are activated, or something similar! 

Example:   “Yes, it's my private email... what I need is $1500 worth of Google play gift card ($100 or $500 denomination). You can get them from the store and send me the codes.

  1. Make sure they are all activated.”

If you receive one of these emails, DO NOT REPLY.  If you think the email might be genuine, ring the person and check with them.

Fake court documents

18 February 2019:

A warning has been issued about a false email entering inboxes today claiming to be related to a court matter.
If you receive the email you're advised to DELETE IMMEDIATELY!

The link goes to a malicious .zip file download.