Sorry, you need to enable JavaScript to visit this website.
Skip to main content

Suspicious Email

Detecting Socially Engineered Messages

Apr 30, 2019 - This publication provides guidance on identifying socially engineered messages delivered by services such as email, SMS, instant messaging or other direct messaging services offered by social media applications. Detecting Socially Engineered Messages (April 2019) First published 2012; Latest version April 2019.
Email scam

Malicious Email Mitigation Strategies

Apr 30, 2019 - This publication provides prioritised guidance on strategies that can be implemented to mitigate the cyber threat associated with malicious emails and email attachments. Malicious Email Mitigation Strategies (April 2019) First published 2016; Latest version April 2019. Introduction Socially-engineered emails containing malicious attachments and embedded links have been observed by the Australian Cyber Security…

Mitigating Spoofed Emails Using Sender Policy Framework

Apr 30, 2019 - This publication discusses what Sender Policy Framework (SPF) is and how it can be deployed to protect against spoofed emails used as part of targeted social engineering campaigns against organisations. Mitigating Spoofed Emails Using Sender Policy Framework (April 2019) First published December 2012; Latest version April 2019 .
Unauthorised cryptomining

Fake CIA emails requesting Bitcoin or arrest

Mar 20, 2019 - The Australian Cyber Security Centre (ACSC) is aware of malicious emails claiming to be from the Central Intelligence Agency (CIA) that are being received by Australians. The emails align with the ‘sextortion’ campaign being observed globally. The criminals inform recipients that due to their involvement in illegal material, the recipient’s personal information such as; addresses, contact information and information…
Email security

Don't get burned by email scams this Summer

Jan 14, 2019 - At this time of the year, Australia sees its fair share of extreme weather events. From savage storms to raging bushfires, these extreme weather conditions can take place unexpectedly, leaving Australians little time to consider the possibility of being the target of cybercrime. Cybercriminals will take advantage of these stressful situations, pursuing individuals and businesses when they least expect. As witnessed in…

Phishing email scam – tender invitation

Jan 9, 2019 - The Australian Cyber Security Centre (ACSC) is aware of phishing emails allegedly from the Department of Infrastructure, Regional Development and Cities, inviting the recipient to respond to a tender invitation. This email is a scam, and the fake tender document attached contains malicious web-links that seek to steal your personal information. .

Bomb threat email scam targeting Australians

Dec 14, 2018 - The Australian Cyber Security Centre (ACSC) is aware of bomb threat emails being received by Australians. The emails claim an explosive device has been hidden in the recipient’s premises, and will be detonated unless a ransom is paid in bitcoin. If you receive this email: Do not respond or contact the sender Do not pay the ransom Ring your local police service. The ACSC believes this to be a scam, however as a…

Business email compromise, a fast growing scam

Oct 12, 2018 - The Melbourne Joint Cyber Security Centre (JCSC) hosted a two-hour seminar yesterday on Business Email Compromises (BECs), which many cyber security experts consider to be the major current cybercrime threat to business. The seminar provided information to small and medium business representatives, as these sectors are particularly targeted by cybercriminals who are perpetrating BECs. The JCSC worked with Small Business…
Email scam

Email scams

Aug 14, 2018 - The Australian Cyber Security Centre provides you with up-to-date advice on current threats and vulnerabilities, as well as guidance on mitigation and cyber security best practice. . What are email scams? Criminals use email to manipulate or trick you into unintentionally sharing personal information, financial details, or money. These 'malicious actors' will use different tactics to trick you…
Mitigating security incidents

How to mitigate cyber security incidents

Jul 1, 2018 - Today, there are hundreds, if not thousands, of cyber security strategies published that tailor to all sorts of infrastructures, market categories and cyber threats. Knowing which strategies apply to your organisation and where to start cyber resilience activities can be an overwhelming task. To address this issue, we have compiled a list of mitigation strategies that organisations can use as starting points to improve…