Sorry, you need to enable JavaScript to visit this website.
Skip to main content

Phishing

National Cyber Security Committee urges vigilance as two concerning cyber security threats are in the wild

Nov 7, 2019 - UPDATE: As at 12th November 2019 the CIMA level returned to Level 5 - Normal Conditions. The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), with its state and territory partners, is continuing to respond to the widespread malware campaign known as Emotet while responding to reports that hackers are exploiting the BlueKeep vulnerability to mine cryptocurrency. The Cyber Incident Management Arrangements (CIMA) remain activated, however the alert level has been downgraded to Level 4 – ‘Lean Forward’.
Check Scam Message Artwork

Widespread exploitation of vulnerable systems via Emotet malware

Oct 24, 2019 - The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) is investigating a widespread malware campaign known as Emotet. Emotet is a Trojan virus delivered via emails sent with malicious attachments. Cyber criminals use malware for different reasons, most commonly to steal personal or valuable information from which they can profit, hold recipients to ransom or install damaging programs onto devices without your knowledge.
Email scam

Business Email Compromise freight forwarding scam

Jul 23, 2019 - The ACSC is warning small to medium sized businesses supplying IT and electrical products of a social engineered email scam requesting quotes on goods. A number of Australian businesses have been forced to close since the scam began due to the losses they have sustained. The amounts lost average between $30K and $100K with the largest to date being $170K. To date, the cyber criminals have yielded more than $700,000 through what has been termed freight forwarding scams.
small and medium business logo

Follow our essential steps to protect your business

May 15, 2019 - This week is national Privacy Awareness Week, an annual initiative of the Office of the Australian Information Commissioner (OAIC) that raises awareness of privacy issues and the importance of protecting personal information. Malicious or criminal attacks are deliberately crafted to exploit known vulnerabilities for financial or other gain. Many cyber incidents exploit vulnerabilities involving a human factor, such as unwittingly clicking on a malicious link and disclosing passwords.
Strong password artwork

Take steps to better secure yourself

May 2, 2019 - The Australian Cyber Security Centre (ACSC) has released a checklist to help Australians protect themselves from cyber criminals. Lottery and grant scams, identity theft, investment scams, hacking, phishing, dating and romance scams, online abuse and sextortion are just some of the threats people face.

Detecting Socially Engineered Messages

Apr 30, 2019 - Socially engineered messages present a significant threat to individuals and organisations due to their ability to assist an adversary with compromising accounts, devices, systems or sensitive information. This document offers guidance on identifying socially engineered messages delivered by email, SMS, instant messaging or other direct messaging services offered by social media applications.
exclamation mark to indicate urgent message

Subject -- Urgent payroll request

Apr 3, 2019 - Cyber criminals are trying to commit payroll fraud by sending fake emails requesting a change to your bank details. The Australian Cyber Security Centre (ACSC) is aware that fraudulent emails have been received by organisations across Australia. These emails spoof the emails and signature blocks of staff, and are sent to HR/payroll areas appearing to ask for a change in bank account details for the current or next pay.  Workers often become targets while on holiday, when their Facebook or Instagram updates reveal that they are away for an extended period of time.
PayPal logo

Fake Paypal emails request ‘account details’

Mar 30, 2019 - The Australian Cyber Security Centre (ACSC) is aware of malicious emails that are falsely advising Australians that their account has violated Paypal rules. These phishing emails try to lure the recipient into sharing personal information, which could then be used for identity theft and financial gain by cyber criminals. The recipient is told their account will be permanently disabled within 48 hours unless the user logs-in using the link provided within the email to ‘update account details’ and ‘activate your account’.

Microsoft warns of Internet Explorer vulnerability

Dec 21, 2018 - Microsoft has released a security update for Internet Explorer after receiving a report from Google about a new vulnerability that is being used in targeted attacks. Security vulnerabilities in applications can be used to execute malicious code on your systems, and using the latest version of applications is one way that you can better protect yourself, as we explain in the Essential Eight.

Medicare & Aus Post SMS scam

Nov 29, 2018 - You may have seen news reports yesterday of an active phishing campaign via SMS, pretending to be from either Medicare or Australia Post. The messages claim that you have a rebate owed or a competition opportunity and asks you to click through to a website and provide your personal details.