Paypal email warning


17 November 2017:

The public is being warned about a new email scam doing the rounds that appears to come from Paypal.

If you receive this PayPal Phishing email, do not click on the “LOG IN” button,  DELETE immediately.

Apple phishing threat


15 November 2017:

Apple users are being warned about a phishing scam that's coming to email inboxes.

If you receive an email similar to the one above, DO NOT CLICK ON THE LINK - please DELETE – it is a Phishing email.

As always here are our recommendations on dealing with emails:

  • Do not open any attachment or click on any link unless you are absolutely sure that the email is genuine.

  • Check the sender's email address - the majority are from overseas email addresses (no au on the end)

  • If you don't know the sender or where the email is from DELETE it

  • If you know the sender but aren't sure about the content contact the person who sent it to verify it's genuine ... but not by simply replying to the email

Xero invoice virus threat


10 September 2017:

A new virus is circulating that looks like an emailed invoice from the accounting program Xero.

If you receive a Xero Invoice email, make absolutely sure that you are expecting an invoice and double check the details.

The “INV-1093175” link in the Xero email above contains an ‘ENCRYPTION VIRUS’ – DO NOT CLICK ON IT!

As always here are our recommendations on dealing with emails:

  • Do not open any attachment or click on any link unless you are absolutely sure that the email is genuine.

  • Check the sender's email address - the majority are from overseas email addresses (no au on the end)

  • If you don't know the sender or where the email is from DELETE it

  • If you know the sender but aren't sure about the content contact the person who sent it to verify it's genuine ... but not by simply replying to the email

RANSOMWARE WARNING!

27/10/17:

‘Locky’ ransomware campaign

In light of recent publicity about the potential threat of Bad Rabbit ransomware, it’s important to be aware that some longstanding ransomware threats are periodically circulated to Australian internet users. Currently malicious emails are being sent from numerous fake email addresses containing an attachment entitled ‘Invoice_file_26530.doc’ or similar that could infect your computer with Locky.

The email simply says:

“Your Invoice is attached. If you feel you have received this email in error, please reply to this email to inform us of any necessary corrections.”

Never open attachments from unexpected sources.

The following key steps show how you can become infected with Locky ransomware if you:

• have mistakenly opened the attachment;

• do not carefully consider the information presented to you;

• and change the default setting of ‘No’ to ‘Yes’.

Do not open the attachment. If the attachment is opened the following prompt will be received:

Click ‘No’.

 


If ‘Yes’ is clicked a prompt will be presented ‘to start the application’ as shown here:

 


If ‘Yes’ is clicked a prompt will be presented ‘to start the application’ as shown here:

Click ‘No’. If you select ‘Yes’ again you are likely to install the ransomware on your computer and potentially your network.

What is ransomware?

Ransomware is a type of malicious software (malware) that makes your computer or its files unusable unless you pay a fee. However, we recommend you do not pay the fee, as there is no guarantee you’ll recover your information and you’ll become a target for more attacks as the criminals know you’re prepared to pay up!

Overseas, there are reports of another ransomware campaign called Bad Rabbit that is disguised as an Adobe Flash update from websites. Currently there are no reports of this in Australia, but it is important to be aware of suspicious requests to download files.

What to do if you’ve paid the ransom

If you’ve given your credit card or account details to pay the ransom, contact your financial institution immediately.

How to stay safe

If you receive the Locky ransomware email, delete it immediately. Never open attachments from unexpected sources.

It is important to be vigilant in combating the threat of ransomware as new types are constantly emerging.

Update your Google Chrome


When was the last time you had a Google Chrome update? With so much malware around at the moment it's more important than ever that you ensure you update to the latest version.

ESET (the provider we recommend for computer security) has partnered with Google to provide a more secure version of Chrome.

Your browser can be set for automatic updates. Often you also need to make sure you shut down or at least restart your computer to implement the changes.

If you're unsure then contact us on 8552 4442.

In the meantime. Here's some links to some articles about the upgrades.


https://www.eset.com/int/about/newsroom/products/eset-works-with-google-to-halt-dangerous-malware/?mc_cid=889e06b76d&mc_eid=e5b637bd5a

https://www.blog.google/products/chrome/cleaner-safer-web-chrome-cleanup/

Fake infringement notices


11 October 2017:

Fake infringement notices are once again being circulated through emails.

Generally infringement notices would not be delivered in this way.

DO NOT CLICK ON THE DOWNLOAD BUTTONS. 

Make sure you DELETE these IMMEDIATELY.

Watch for phony We Transfer links


4 October 2017

Computer users are being warned about downloading files from a phony WeTransfer email.

Before clicking on any links in emails such as this, you are best advised to check with the sender to ensure they have actually sent you a file.  If you do not recognise the sender's name or details DELETE IMMEDIATELY.

Simple checklist when dealing with emails:

  • Do not open any attachment or click on any link unless you are absolutely sure that the email is genuine.

  • Check the sender's email address - the majority are from overseas email addresses (no au on the end)

  • If you don't know the sender or where the email is from DELETE it

  • If you know the sender but aren't sure about the content contact the person who sent it to verify it's genuine ... but not by simply replying to the email

Telstra email bill scam


28 September 2017:

Telstra is again at the centre of a phishing email scam with an email appearing to be an account notification.
The only difference is that the genuine Bill Notification shows the Customer Name and Invoice Number, otherwise the scam email is identical.

Note the ‘From’ address which looks very similar.  Watch for those that come from addresses without a .au on the end.  Also, the spelling of centre is the American version.

Simple checklist when dealing with emails:

  • Do not open any attachment or click on any link unless you are absolutely sure that the email is genuine.

  • Check the sender's email address - the majority are from overseas email addresses (no au on the end)

  • If you don't know the sender or where the email is from DELETE it

  • If you know the sender but aren't sure about the content contact the person who sent it to verify it's genuine ... but not by simply replying to the email

Paypal email scam


22 September 2017:

A very dangerous email is circulating purporting to be about your PayPal account.

Here is a fraudulent PayPal email to watch out for – note the Sender’s email address.  

Do not click on the ‘Confirm My Account’ buttonDELETE immediately.

Simple checklist when dealing with emails:

  • Do not open any attachment or click on any link unless you are absolutely sure that the email is genuine.

  • Check the sender's email address - the majority are from overseas email addresses (no au on the end)

  • If you don't know the sender or where the email is from DELETE it

  • If you know the sender but aren't sure about the content contact the person who sent it to verify it's genuine ... but not by simply replying to the email

Scam email - Energy Australia


20 September 2017

Energy Australia customers are the latest scam email targets.

This malicious Energy Australia email (above) should be deleted immediately.

Take particular note of the sender's address - it is not Energy Australia.

Simple checklist when dealing with emails:

  • Do not open any attachment or click on any link unless you are absolutely sure that the email is genuine.

  • Check the sender's email address - the majority are from overseas email addresses (no au on the end)

  • If you don't know the sender or where the email is from DELETE it

  • If you know the sender but aren't sure about the content contact the person who sent it to verify it's genuine ... but not by simply replying to the email

Warning to DocuSign users


18 September 2017

Users of the app/program DocuSign are being warned about fake notices with malicious links.

If you use DocuSign, please double-check the sender’s address before releasing the email from your Digest or opening it.  This email is clearly fraudulent and the links are malicious.

Beware the UNSUBSCRIBE link


15 September 2017:

By now we're all familiar with many of the fake account emails that are doing the rounds.  This week fake Telstra and Xero accounts were among the vast array that were turning up in our inboxes.

However, a new twist from scammers is with the fake UNSUBSCRIBE button.  If you're like most of us you're trying to cut down on the amount of Junk Email coming to your inbox.  Now you will need to be wary of clicking on UNSUBSCRIBE buttons lest they take you to sites to steal your identity or they unleash malware and other risks.

This is just one example.

You can check the REAL link by hovering your mouse over it – example above.

DO NOT click on suspicious links!

Below are some of the fake bills doing the rounds this week.

 

 

AusPost, e-Toll and BankWest scams


13 September 2017
The email scammers have been busy this week with a range of organisations at the centre of scams including e-Toll, AusPost and BankWest
Numerous malware emails targeting e-Toll and AusPost customers are currently being circulated. 
These scam emails use the same ‘View in OneDrive’ hook to entice email users to download malware onto their computer.

 

 


Don’t click on the ‘View in OneDrive’ link—it will take you to a web page where you will be advised to download a file that may install malware onto your computer. (At the time of issue the type of malware has not been confirmed, but is most likely ransomware.)

  • The AusPost scam emails may be sent from ‘AusPost Service Notification’, with a randomised subject line similar to ‘AusPost Track - 123456789 -100-98765 Monday September’.
     
  • E-Toll scam emails may be sent from ‘Road Service Notification’ with a subject line like ’E-toll account statement [1234567]- September 2017’.
     
AusPost and E-Toll emails containing links to other file sharing services such as Google Drive have also been reported.

 


The BankWest email should be deleted if it comes into your inbox.  Do not click any links it contains.
If you receive fake emails like these, delete them immediately.
 
Simple checklist when dealing with emails:
  • Do not open any attachment or click on any link unless you are absolutely sure that the email is genuine.
  • Check the sender's email address - the majority are from overseas email addresses (no au on the end)
  • If you don't know the sender or where the email is from DELETE it
  • If you know the sender but aren't sure about the content contact the person who sent it to verify it's genuine ... but not by simply replying to the email

Multi-faceted ransomware attack


8 September 2017: eBay and the promise of a Voice Message are two of the latest methods being used to spread ransomware.  Each tries to trick you into downloading ransomware onto your computer.

The first method uses a fake email that claims to be from eBay, with a common subject line “Your invoice for eBay purchases (098871971234567#).  The CLICK link leads to a web page designed to download ransomware onto your computer.

The invoice number changes for each email.

The fake email looks extremely convincing and is almost identical to a genuine eBay email.

The second method is a short simple email with the subject line “Voice Message from 017234512978 – name unavailable”.  The email message says “Click to listen Voice Message”.  The phone number changes for each email.  When you press CLICK to listen to the message you will be directed to a web page designed to download ransomware onto your computer.

New version of Origin Energy email scam


29 August 2017

Origin Energy is again the subject of an email scam.

Above is the latest Origin electricity bill scam.  Please, also, double check any other utility bill emails you receive before you open them or click any links.

You will notice this one has not come from Origin Energy but from an address drvenergy.com which is not related.

On this one DO NOT CLICK ON THE ‘VIEW BILL’ BUTTON.
Simple checklist when dealing with emails:

  • Do not open any attachment or click on any link unless you are absolutely sure that the email is genuine.

  • Check the sender's email address - the majority are from overseas email addresses (no au on the end)

  • If you don't know the sender or where the email is from DELETE it

  • If you know the sender but aren't sure about the content contact the person who sent it to verify it's genuine ... but not by simply replying to the email


ASIC renewal scam returns


23 August 2017

ASIC is once again at the heart of an email scam that is proving quite prolific.

If you receive the above email DO NOT CLICK ON IT.  Simply DELETE the email.

In this case you will see that the sender has an email address that ends in australiangovernement.com (where government is not even spelled correctly).

Simple checklist when dealing with emails:

  • Do not open any attachment or click on any link unless you are absolutely sure that the email is genuine.

  • Check the sender's email address - the majority are from overseas email addresses (no au on the end)

  • If you don't know the sender or where the email is from DELETE it

  • If you know the sender but aren't sure about the content contact the person who sent it to verify it's genuine ... but not by simply replying to the email

Email scam - Office 365


17 August 2017:

Office 365 users are the latest to be targeted by an email phishing scam.

For those who use Office 365 – if you receive an email supposedly from Microsoft Office 365 telling you your email account will expire, please delete it.  If it arrives in your daily digest, don’t release it.

This is a Phishing email designed to steal login information and personal data.

Simple checklist when dealing with emails:

  • Do not open any attachment or click on any link unless you are absolutely sure that the email is genuine.

  • Check the sender's email address - the majority are from overseas email addresses (no au on the end)

  • If you don't know the sender or where the email is from DELETE it

  • If you know the sender but aren't sure about the content contact the person who sent it to verify it's genuine ... but not by simply replying to the email

Apple customers being scammed


28 July 2017:

Apple customers are again being warned to be wary of emails claiming to be from Apple.  The latest scam suggests that your account needs attention in order for it to be unlocked.

DO NOT CLICK ON THE UNLOCK APPLE ID LINK!!!

As we have warned in the past, check where the email has originated from and you will not that it is not in fact an Apple email address.

This is the second email scam in as many months targeting Apple and Apple customers.  Last month's scam suggested files had been downloaded under a consumer's ID and contained a link to a file to reset ID information.  Clicking this link was a major security risk.

Simple checklist when dealing with emails:

  • Do not open any attachment or click on any link unless you are absolutely sure that the email is genuine.

  • Check the sender's email address - the majority are from overseas email addresses (no au on the end)

  • If you don't know the sender or where the email is from DELETE it

  • If you know the sender but aren't sure about the content contact the person who sent it to verify it's genuine ... but not by simply replying to the email

New malware hitting Macs too


28 July 2017

Mac users are being warned against complacency when it comes to security on Apple Mac systems.  No longer can they be considered totally secure simply because they're Macs.

According to an article published this week, “More new malware families have appeared so far this year than in any other previous year in all the history of Mac OS X, and the year’s only half over."

A newly-discovered malware variant of Fruitfly has recently been discovered and it has the potential to spy on Mac users.

Click HERE to view the entire article.

Why you need to update your software


Have you ever wondered why you need to purchase new versions of software for your computer?

We’ve recently been informed that an older version of our main backup program is to be retired – BackupAssist 8. It doesn’t affect OJ Computers itself because we’re up to version 10, but it made us think about whether or not the public was aware of why new versions were released … and it’s not to line the pockets of computer software retailers or developers.

As everyone can appreciate technology is changing every day and there are always new threats coming from people wanting to hack into computer systems for whatever purposes, so there’s always new ways being found to do this. A computer software program, such as BackupAssist 8 purchased in 2014 was designed to be used with 2014 technology and was designed to backup data of that era … and not necessarily programs and systems that are in operation today, just three years later.

Upgrading your software means you will not only be able to access additional product features that have been included thanks to new technology, but you will also be assured that the software will function between with the current technology you may have. In the case of BackupAssist, such software is vital and therefore must be designed to cope with the technology you have installed or are likely to install or download.

If you would like to know more about the latest software, or would like advice as to whether or not you’ve got the latest or the most suitable software for your requirements, contact us on 8552 4442 or call into our showroom on Port Elliot Road, Victor Harbor weekday mornings.

Malicious emails impersonate Origin Energy


24 July 2017:


Several media outlets have reported that a new scam email campaign impersonating Origin Energy has been targeting Australians this week.

What to do now

If you think you have received one of these deceptive emails, do not open it and do not click on the orange ‘View bill’ button.

Delete the email and if you are in any way unsure contact Origin Energy using the contact details from their website.

Details

According to security company MailGuard, who wrote about the malicious emails on their blog, they appear to be bills from Origin Energy and feature the utility company’s distinctive branding. These fake bills also feature variable amounts and due dates and attempt to run a malicious script when clicked on.

These emails are well-crafted and appear convincing, possibly making them more likely to persuade well-meaning Origin customers to follow their instructions.

If you did click on the button and you think you may have downloaded the malicious script, ring me immediately.

Staying safe

Origin Energy provides detailed information on their website on how to tell a real Origin message from a fake one and what to do if you think you’ve received a fake one.

Simple checklist when dealing with emails:
  • Do not open any attachment or click on any link unless you are absolutely sure that the email is genuine.

  • Check the sender's email address - the majority are from overseas email addresses (no au on the end)

  • If you don't know the sender or where the email is from DELETE it

  • If you know the sender but aren't sure about the content contact the person who sent it to verify it's genuine ... but not by simply replying to the email

RANSOMWARE ATTACK ... again


19 July 2017:

New type of ransomware threatens to share your browsing history

A new type of ransomware has left encryption behind to instead threaten public humiliation using your browsing history.

This malware claims to make a copy of your browsing history and threatens to share it with all of your contacts unless you pay a ransom.

LeakerLocker was discovered by cyber security firm McAfee and has been found in two android apps: Wallpapers Blur HD and Booster & Cleaner Pro.

What to do now

• If you have downloaded either application—uninstall these apps immediately.

• DO NOT pay the ransom.

• Clear your browsing history.

Staying safe

• Be wise in your choice of applications and research before downloading (i.e. read user reviews, check required permissions and search the name to see if any warnings exist).

• Ensure your software is updated.

• Clear your browsing history regularly.

• Back-up your device regularly.

As always, contact us at OJ Computers if you need any assistance.

BEWARE - SMS Phishing Scams

12 July 2017:

Scammers have been reported impersonating the Commonwealth Bank, National Australia Bank (NAB) and the Bendigo bank and it is possible that other banks have also been impersonated.

What to do now

If you received an SMS message from an Australian bank asking you to click on a link and enter personal details, do not click on the link - delete it.
If you have clicked on a link or responded to one of these messages, contact your bank or financial institution immediately.
If you believe you have been the victim of a crime, such as fraud in this case, report it to your local police.

Details

Phishing occurs when criminals send deceptive messages to try to steal confidential information, such as online banking or credit card details, or other sensitive information that can be used for identity theft or fraud.
They will often impersonate familiar and trusted businesses to increase their chance of success, as in this case where they have impersonated Australian banks.
These deceptive messages can be sent via email, SMS, instant messaging or even social media platforms.
Several different forms of these deceptive messages are in circulation. In the NAB and Bendigo bank examples, users received an SMS message stating that their account was locked and provided a link to a site where they could verify their details,
In the Commonwealth bank example, users were asked to verify their login details and personal verification questions for an update.
It’s important to note that these are only examples and other malicious messages are likely to be in circulation. For examples of different types of SMS phishing messages reported by banking customers, see the Commonwealth bank website.

Staying safe

Your bank or financial institution will never send you a message with a link asking you to confirm or verify your personal banking information.
Be wary of any unexpected message you receive that contains a link for verifying confidential information and don’t click the link.

ASIC & ANZ email scams


11 July 2017:
The ANZ and ASIC have again been the subject of new email scams.  The ANZ version purports to be a statement and the ASIC email is about a reminder of a renewal.
Closer looks can reveal that the senders are not who they say they are.
Fake and scam emails can result in damage to your computer, hacking into your financial accounts, password and identity theft (among other risks).

Simple checklist when dealing with emails:

  • Do not open any attachment or click on any link unless you are absolutely sure that the email is genuine.
  • Check the sender's email address - the majority are from overseas email addresses (no au on the end)
  • If you don't know the sender or where the email is from DELETE it
  • If you know the sender but aren't sure about the content contact the person who sent it to verify it's genuine ... but not by simply replying to the email

 

New Ransomware attack


28 June 2017: There is a new global Ransomware campaign, which has impacted a range of countries overnight.

Media is reporting the ransomware, called ‘Petya’, is spreading in the United States, Europe and Asia. Petya makes your computer or its files unusable unless a fee (ransom) is paid. There are emerging reports of Australian organisations being impacted.

Ransomware is a type of malicious software (malware) that makes your computer or its files unusable unless you pay a fee (ransom).

Ransomware is one of the most frequent and damaging types of malware affecting people today. It can affect both individuals and organisations, and can impose significant costs – in both recovery and down time.
Be extra careful when checking your emails and when visiting websites or clicking on news and advertising links.

If you think your PC may be infected, turn your PC off immediately and contact me.

The following rules apply:
  • If you’re not sure about an attachment, DO NOT OPEN IT – check with me.
  • If you don’t know the sender or where the email is from, DELETE IT or check with me.
  • Check the sender’s email address – the majority are from overseas email addresses.
  • If you know the sender but aren’t sure about the content of the email, contact the person who sent it to verify that it’s genuine.
  • If you’re not sure about a link in an email, DO NOT CLICK ON IT – check with me.

Phone scams impact technology

26 June 2017:

New wave of Telstra technical support scams: Alert Priority High

There have been reports of a new wave of technical support scams impersonating Telstra. These scams may also be known as ‘Remote Access scams’ or ‘Impersonation scams’.

Victims are contacted by callers pretending to be representatives from Telstra reporting some kind of problem. (One recent scam, for example, claims that the lights blinking in a particular pattern on a modem or router indicates an issue).

These callers may either request remote access to your computer and/or ask for credit card details in order to charge a fake support fee or fix a false payment processing issue.

What to do now

If you are contacted unexpectedly by someone claiming to be from Telstra and they either ask you to verify your payment details or claim that there is a problem with your internet connection – hang up. If unsure, verify their identity by contacting Telstra using the phone number printed on your bill, or use the contact details on https://www.telstra.com.au.

· If you think you have given your credit card details to a scammer, contact your bank or financial institution immediately.

· If you think your computer’s security has been compromised, or you have given remote access to an unauthorised user, contact us immediately.

· If you accessed any online accounts or services (such as online banking, social media or email) after giving a scammer remote access, you will need to update your credentials for these services. Log in to any services or accounts that may have been accessed – from a different, clean computer – and change your passwords.

Details

Technical support and impersonation scams are not new and continue to be a problem so it is important to remain alert to things that don’t seem right.

These types of scams attempt to take advantage of a victim’s lack of knowledge or anxiety around technical issues. Scammers may use overtly technical language or play on user’s fears of malware or other security threats to gain remote access to the victim’s computer or steal their credit card details.

Email Scams


The following are some of the latest email scams we've become aware of.  The list is by no means conclusive and there appears to be new ones every day.  Many seem to be coming from reputable brands such as banks, telcos and even government agencies but closer looks can reveal that the senders are not who they say they are.
Fake and scam emails can result in damage to your computer, hacking into your financial accounts, password and identity theft (among other risks).

Simple checklist when dealing with emails:

  • Do not open any attachment or click on any link unless you are absolutely sure that the email is genuine.
  • Check the sender's email address - the majority are from overseas email addresses (no au on the end)
  • If you don't know the sender or where the email is from DELETE it
  • If you know the sender but aren't sure about the content contact the person who sent it to verify it's genuine ... but not by simply replying to the email

Office 365 scam


19 June 2017: Office 365 users are being warned to be wary of the latest phishing scam.  The above email purports to require updated details from the Office 365 user ... but it is not from Microsoft at all.  Note the FROM email address.
DO NOT CLICK ON ANY LINKS on this email.

Microsoft Outlook phishing scam


14 June 2017:  The latest email scam doing the rounds is trolling for identity and password information related to your Microsoft account.
The email link takes you to a fake Outlook Web App which asks you to create a new password and will then steal your Outlook Account information.

DO NOT CLICK ON THE LINK if you receive this email. 



 

Apple - ASIC - ANZ

13 June 2017 - Apple, ASIC (Australian Securities Commission) and the ANZ Bank are the latest to be targeted by email scammers.

With regards to the Apple emails: double check any Apple/iTunes purchases, downloads and receipts you might have received  – if you’re uncertain, contact Apple/iTunes via the website.

If you see any of these or similar, DO NOT CLICK ON ANY LINKS  -  please DELETE IMMEDIATELY.

 

 

 

Origin Energy Scam


6 June 2017:
Origin Energy customers (and all email users) are being warned of the latest email scam involving Origin Energy.
The email appears similar to the one above.

NOTE:  The sender's email address has no relationship to Origin Energy nor the website mentioned in the bill.  In this example you can see it says OVIOENERGY not ORIGINENERGY.

DO NOT CLICK THE VIEW BILL as it contains a link to a .zip file, a type of file which can cause significant harm to your computer.

 

 

Ransomware attack

16/5/17 - Ransomware Update:
Further to our post from the weekend we're recommending everyone check to ensure they have the latest updates and patches installed for their Microsoft programs.  Here we provide the link to Microsoft's catalog of updates.  We encourage everyone to follow the link and click on the version appropriate for their operating system to see if you have the latest update installed.

Microsoft Security Update catalogue download

In addition, the following has been provided by ESET, one of the main security software producers we recommend, has issued this memo for its customers to help deal with the Ransomware attack:

On Friday last week, a new wave of ransomware known as “WannaCry” (detected by ESET asWin32/Filecoder.WannaCryptor.D) spread across the globe and infected tens of thousands of computers. This ransomware propagates by exploiting a Microsoft Windows vulnerability in unpatched computers.

ESET detects and blocks the WannaCryptor.D threat and its variants. With ESET’s network protection module, we are blocking the leaked version of the exploit on the network level. We have issued an alert on our Knowledge Base site providing step-by-step instructions for our customers to ensure they are protected.

At ESET, customer safety comes first. We recommend users proactively update their operating systems, use caution when opening email attachments and enable LiveGrid on your ESET products.

Thank you,

ESET

13/5/17 - Computer owners throughout the world have woken this morning to find many of their computer files are being held for ransom after the latest cyber attacks.

By Monday it was reported that more than 200,000 computers throughout the world had been impacted in what has been described as the largest cyber attack of its kind ever reported.  
The attack is being spread by a worm.  We are encouraging customers to ensure their Microsoft programs are being constantly updated with automatic updates.  If you're unsure let us know so we can check for you.  The updates may help protect you from the attack.
In addition, we also remind everyone to be extra vigilant when checking emails with attachments or links.

Before you open any attachment or click on any link, do the following:

Check the senders email address –

  • do you know the sender
  • does the sender’s name match the email address
  • does the sender’s name match the signature
  • if you know the sender but aren’t sure if the email is genuine, contact the sender

If there is a link or button in the email, hover your mouse over it (do not click) and check the link:

  • does the link match the description or content of the email
  • does the link make sense

Do not open any emails, attachments or click on any links unless you are absolutely 100% sure they are genuine.  If you’re not sure, ring me.

IF A PC DOES GET INFECTED SWITCH IT OFF IMMEDIATELY, REMOVE IT FROM THE NETWORK AND CONTACT US ASAP.

Westpac Bank email scam

Traffic infringement notices

Telstra scam

We have recently been made aware of a very elaborate email scam that any Telstra customer can be vulnerable to.  

If you receive an email purporting to be from Telstra we recommend you take a closer look before responding or taking any action.  This is what the email looks like.

 


The link in the email takes you to a well-constructed FAKE website hosted in Brazil that looks almost identical to the real Telstra customer portal.

See if you can pick which one is the real and which is the fake…

 

Notice the subtle differences between the two, you can see that they have a slightly different title font, but are almost the same. The real one is the second screenshot, which includes a small YouTube clip advertising Telstra’s latest products.

While the email seems to be from a legitimate email address, there are several things to look for in this email.

 


In this screenshot you can see that the email seems to originate from a legitimate email address. Software to spoof the origins on an email are very easy to come by but in this instance, the email address itself seems a bit suspicious. Also, the email recipient (or To field) is empty rather than having your actual name or email address in it. The subject is also a hint of this email’s non-authentic origins as it says your Telstra Media Bill, rather than saying your mobile/land line/Internet bill. By using generic terms, scammers can appeal to a wider audience.

 

 


Mouse-over links to see where they go

One of the simplest things you can do when looking at an email is to hover the mouse over the link WITHOUT CLICKING on it. After a second, Outlook shows the actual address where the link will take you if clicked. This is very easy for the scammer to fake, but just as easy for you to spot too.

How can I check the link on my iPhone or iPad?

 


Obviously, the mouse-over feature is not available on a mobile device, but there is a similar feature to help you detect fake links on your iOS device. While in an email, simply press and hold on the link. This will bring up a few choices, but most importantly, shows the actual address of where the link will take you.

Simple checklist when dealing with emails:

  • Do not open any attachment or click on any link unless you are absolutely sure that the email is genuine.
  • Check the sender's email address - the majority are from overseas email addresses (no au on the end)
  • If you don't know the sender or where the email is from DELETE it
  • If you know the sender but aren't sure about the content contact the person who sent it to verify it's genuine ... but not by simply replying to the email