Sorry, you need to enable JavaScript to visit this website.
Skip to main content

Suspicious Email

Detecting Socially Engineered Messages

Apr 30, 2019 - This publication provides guidance on identifying socially engineered messages delivered by services such as email, SMS, instant messaging or other direct messaging services offered by social media applications.
Email scam

Malicious Email Mitigation Strategies

Apr 30, 2019 - This publication provides prioritised guidance on strategies that can be implemented to mitigate the cyber threat associated with malicious emails and email attachments.
Unauthorised cryptomining

Fake CIA emails requesting Bitcoin or arrest

Mar 20, 2019 - The Australian Cyber Security Centre (ACSC) is aware of malicious emails claiming to be from the Central Intelligence Agency (CIA) that are being received by Australians. The emails align with the ‘sextortion’ campaign being observed globally. The criminals inform recipients that due to their involvement in illegal material, the recipient’s personal information such as; addresses, contact information and information relating to their relative/s are contained in a case file. The recipient is advised they can avoid arrest by paying a $10,000 USD in bitcoin.
Email security

Don't get burned by email scams this Summer

Jan 14, 2019 - At this time of the year, Australia sees its fair share of extreme weather events. From savage storms to raging bushfires, these extreme weather conditions can take place unexpectedly, leaving Australians little time to consider the possibility of being the target of cybercrime. Cybercriminals will take advantage of these stressful situations, pursuing individuals and businesses when they least expect. As witnessed in the United States late last year during Hurricane Florence, cyber scammers are indiscriminate in who they choose to target and will attempt to make a profit in…

Phishing email scam – tender invitation

Jan 9, 2019 - The Australian Cyber Security Centre (ACSC) is aware of phishing emails allegedly from the Department of Infrastructure, Regional Development and Cities, inviting the recipient to respond to a tender invitation. This email is a scam, and the fake tender document attached contains malicious web-links that seek to steal your personal information.

Bomb threat email scam targeting Australians

Dec 14, 2018 - The Australian Cyber Security Centre (ACSC) is aware of bomb threat emails being received by Australians. The emails claim an explosive device has been hidden in the recipient’s premises, and will be detonated unless a ransom is paid in bitcoin. If you receive this email:

Business email compromise, a fast growing scam

Oct 12, 2018 - The Melbourne Joint Cyber Security Centre (JCSC) hosted a two-hour seminar yesterday on Business Email Compromises (BECs), which many cyber security experts consider to be the major current cybercrime threat to business. The seminar provided information to small and medium business representatives, as these sectors are particularly targeted by cybercriminals who are perpetrating BECs. The JCSC worked with Small Business Victoria, the Victorian Small Business Commissioner and the ACCC's Consumer and Small Business Strategies Branch, to invite key Victorian business…
Email scam

Email scams

Aug 14, 2018 - The Australian Cyber Security Centre provides you with up-to-date advice on current threats and vulnerabilities, as well as guidance on mitigation and cyber security best practice.
Mitigating security incidents

How to mitigate cyber security incidents

Jul 1, 2018 - Today, there are hundreds, if not thousands, of cyber security strategies published that tailor to all sorts of infrastructures, market categories and cyber threats. Knowing which strategies apply to your organisation and where to start cyber resilience activities can be an overwhelming task. To address this issue, we have compiled a list of mitigation strategies that organisations can use as starting points to improve their cyber resilience and technical details of these strategies. While no single mitigation strategy is guaranteed to prevent cyber security incidents, we have…
Automated alerts

Business email compromise

Jul 1, 2018 - Business email compromise (BEC) is an online scam where a cybercriminal impersonates a business representative to trick you, an employee, customer or vendor into transferring money or sensitive information to the scammer. To begin, a cybercriminal impersonates a trusted person using an email address that appears to be legitimate (this is known as "masquerading"). To do this, they may use a username that is almost identical to the trusted person's name, or a domain that is almost identical to the name of the trusted person's company. Alternatively, they could replace the "from…