CEO, CFO and other management caught up in scam emails to transfer funds using fake accounts

Scammers are reportedly claiming to be corporate CEOs in email scams designed to steal up to hundreds of thousands of dollars from targeted companies.

Sterling IT has had one of its clients hit with this twice, and we believe they phished the email addresses from their website.
The staff also had their titles listed with their email addresses, making it very easy.

Stay Smart Online has received a report that scammers misrepresenting themselves as corporate CEOs are sending fake emails to the CFOs of targeted companies. These emails request that up to hundreds of thousands of dollars be transferred urgently from targeted businesses to apparently legitimate bank accounts held by third-party individuals. However, these bank accounts may have been established using the details of people who have been victims of identity theft.

The relatively sophisticated scam appears to be identical to, or a recurrence of, the ‘Business Email Compromise’ or ‘Wire Fraud’ scam that Stay Smart Online provided an Alert about in October 2014. Details of the 2014 scam were provided by CERT Australia. The FBI has published similar reports regarding the ‘Business Email Compromise’ scam.

Businesses are advised to be suspicious of unexpected, urgent demands for large sums of money by any person – including CEOs and other senior leaders. You should always verify these requests directly with the person involved, and follow all governance and due diligence processes.
CERT Australia provides the following advice:

  • Consider adding a second method of verification for large financial transfers, such as verbal verification between employees.
  • Alert employees to be vigilant with regard to these incidents, especially those conducting or authorising wire transfers or similar financial instruments.
  • Do not reply to the email.
  • Sender Policy Framework (SPF) checking should be implemented to detect and prevent sender address forgery.
  • Review network logs for evidence of the indicators provided in this Alert.
  • Configure mail servers and mail scanners to block and remove emails with the indicators provided in this Alert.
  • Report identified activity to CERT Australia.
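A triage sketch for the SPF and vigilance advice above, added here as an example and not taken from Stay Smart Online or CERT Australia: it reads the SPF verdict a receiving mail server recorded in the Authentication-Results header and flags the executive-impersonation traits this alert describes. The company domain, executive name, keyword list and sample message are constructed assumptions.

```python
import email
from email import policy
from email.utils import parseaddr

# Assumptions (not from the alert): your own domain, executive display names,
# and a mail server that records its SPF verdict in Authentication-Results.
COMPANY_DOMAIN = "example.com"
EXECUTIVES = {"jane citizen"}  # constructed CEO display name
PAYMENT_WORDS = ("transfer", "wire", "urgent", "payment")

def domain_of(addr):
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""

def spf_result(msg):
    """Return the SPF verdict recorded by the receiving server, else 'none'."""
    for header in msg.get_all("Authentication-Results", []):
        for part in str(header).split(";"):
            if part.strip().lower().startswith("spf="):
                return (part.strip()[4:].split() or ["none"])[0].lower()
    return "none"

def bec_flags(raw):
    """List the reasons a raw message looks like executive impersonation."""
    msg = email.message_from_string(raw, policy=policy.default)
    name, from_addr = parseaddr(str(msg["From"]))
    _, reply_addr = parseaddr(str(msg.get("Reply-To", "")))
    body = msg.get_body(preferencelist=("plain",))
    text = f"{msg['Subject']} {body.get_content() if body else ''}".lower()
    flags = []
    if spf_result(msg) != "pass":
        flags.append("spf-not-pass")
    if name.lower() in EXECUTIVES and domain_of(from_addr) != COMPANY_DOMAIN:
        flags.append("executive-name-external-domain")
    if reply_addr and domain_of(reply_addr) != domain_of(from_addr):
        flags.append("reply-to-mismatch")
    if any(word in text for word in PAYMENT_WORDS):
        flags.append("payment-language")
    return flags

# Constructed sample message; example.com and .test are reserved names.
SPOOFED = """\
Authentication-Results: mx.example.com; spf=fail smtp.mailfrom=examp1e.test
From: "Jane Citizen" <jane.citizen@examp1e.test>
Reply-To: accounts@mailbox.test
To: cfo@example.com
Subject: Urgent transfer

Please wire the funds today. I am in meetings, reply by email only.
"""

print(bec_flags(SPOOFED))
```

A message that raises any of these flags is a candidate for the second, verbal verification step listed above before funds move.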

If a company has been defrauded as a consequence of these emails, report the matter to local police for investigation and escalation as appropriate.

Source: staysmartonline.gov.au

Fake Email Warning: ISIS terrorist threat to Sydney comes in a legitimate looking email with malicious payload in attachment and/or link.

Fake Emails re ISIS threat
You are advised to be cautious about opening any emails you receive that refer to any ISIS threat.
New emails referring to ISIS terrorism activities carry a malicious attachment that can be used to infect your computer.

The Australian Communications and Media Authority (ACMA) is receiving a surge in reports of emails with the subject ‘ISIS attacks in Sydney?’. The emails ask people to open an attached Word, RAR or other file by claiming the attachment includes an article naming the Sydney locations ISIS plans to attack in 2015.

Clicking on the attachment could result in malicious code being installed that allows an attacker to take control of your computer.

The email includes contact details in an attempt to present itself as a legitimate email. It is highly likely that similar malicious emails are in circulation using references to high-profile, terror-related events.

The full text of the malicious email is provided below:

Subject: ISIS attacks in sydney?
Body: ISIS has warned Australian Police today about new attacks in Sydney.
Attached the places in word file which ISIS planning to attack in Sydney this year 2015.
These terrorists have Australian Citizen why they attack us?
Read more in the detailed story in word file.
Please address any correspondence to:
[news address inserted here]
The switchboard number for [news] is:
[news phone number inserted here]
Telephone: [news phone number inserted here]
Email: [news email inserted here]

To stay safe, it is important that you do not click links in phishing emails or reply to the sender if you do not know them.
Source: Stay Smart Online, a Government initiative.