Another batch of Cryptolocker emails are arriving in inboxes across Australia.
Over the past few weeks we have seen five variants – ranging from a poor attempt at a credit card balance email from JP Morgan, to infringement notifications from AFP Australia. Those behind the latter seem to think that the Australian Federal Police manage traffic violations.
Fortunately, they are easy to identify as fake (hovering your mouse over the links shows the true destination) so they shouldn’t cause too many concerns – but they do serve as an opportunity to remind staff that hostage-ware remains prevalent and they need to be vigilant about the links and attachments they click.
The five we have seen are:
1. Refunds from the Australian Tax Office
This attempt does well to mask the sender’s email address by making it appear legitimate, but the address seen when hovering your mouse over the link points to a completely different site.
2. Faxes from the Australian Tax Office
This is likely from the same source as the refund statement above. It is only by hovering over the link address that the true destination is seen.
3. Australia Post Delivery notifications
Also replicating the model used in 1 and 2, the sender’s email address appears correct, but the link exposed exposed when you hover over the link shows that it is again redirecting you to a another site.
4. Traffic Infringement Notice from the Australian Federal Police
These are a little more obvious. Even if you believe that the AFP are now issuing traffic tickets, the sender’s actual email address ([email protected]) and the link should be enough to alert you something is not quite right.
5. JP Morgan Credit Card Balance
It’s unlikely you have a JP Morgan Credit Card, but even if you did – the sender’s email address and the link address exposed when hovering the link should be enough to stop you from clicking the link.
For more information on Cryptolocker, click here.
For more information on how to better secure your business, speak to the blueAPACHE account team.