Another email scam impersonating the Australian Securities and Investments Commission has hit Australian inboxes this morning, in what was called "one of the largest-scale malware deliveries" in the past 12 months.
Email security vendor MailGuard said that infected emails hit inboxes at 9:43 this morning. The emails, purporting to be from ASIC, tell businesses their name is due for renewal and directs them to a link to download a renewal notice.
This link actually contains attachments for a .zip archive file which contains a malicious JavaScript file. MailGuard said the exact type of malware isn't clear yet, but its purpose is to disrupt, damage or gain control of the victim's system.
MailGuard said there were a few things to watch out for from the email. It was sent from the domain ASIC.Transaction.No-reply@asickdesk.com which was registered in China yesterday.
The subject line is 'Renewal' and emails are addressed to 'Dear customer' rather than a specific recipient.
What makes the email more deceptive is that includes a "well-formatted message" that uses ASIC's branding and the government's coat of arms.
This is the fourth time this year a widespread email scam impersonating the corporate watchdog has targeted Australian businesses.
In 2017, email scams have also impersonated MYOB in two separate incidents, energy provider Origin and human services body myGov.
.png&h=142&w=230&c=1&s=1)
.png&w=100&c=1&s=0)
