Security & Fraud

Australian Inboxes Hit With Fake ASIC Malware

MailGuard ATO Scam

If you live Down Under, you might want to stick to the old-fashioned kind of surfing and avoid the web today. Not for the first time — not even for the first time this year ­— cybercriminals have posed as the Australian Securities and Investments Commission (ASIC), Australia’s corporate regulator, to deliver malware to swaths of email inboxes.

Local email filtering company MailGuard said it was one of the largest-scale malware cyberattacks it had identified within the past year.

The fake email tells business owners that the name of their business is due for renewal and to click the link to download a renewal notice. But instead of a renewal notice, victims are downloading a zipped archive file containing a malicious JavaScript file.

The email also includes details on how to renew a business name, including directions for making the renewal payment. However, MailGuard said the payments are secondary; the criminals’ real goal is to get their malware downloaded onto as many computers as possible.

On Monday, July 10, when the cyberattack first struck and news of it spread, MailGuard said it was not yet sure what type of malware it was dealing with. It could be a virus or ransomware. But the intent was clear: The sender hoped to disrupt, damage or take over a computer system or data, MailGuard said Monday.

This is the fourth time this year — as in, 2017; as in, the last six months — that a scam has used the ASIC name to slip malware into masses of inboxes.

The email looks legitimate, featuring ASIC’s branding and the Australian government’s coat of arms. With a straightforward subject line — simply, “Renewal” — and clean formatting, it’s no wonder people have fallen for the scam.

MailGuard noted three telltale signs could have alerted victims that the message was a scam.

First, the domain of origin,, was recently registered in China. Second, the letter begins, “Dear customer” instead of addressing the recipient by name; official agencies will always use your name, MailGuard said. Third, it should always throw up a red flag when an email asks you to send money. And finally, the letter is “signed” by a “Myra Tango, Senior Executive Leader, Registry.”

Myra Tango does not exist. At least, not at ASIC. A Google search would have revealed as much. The bottom line for cybersecurity is this: Be vigilant out there and remember that the sharks in the surf aren’t the only ones you have to look out for.



New forms of alternative credit and point-of-sale (POS) lending options like ‘buy now, pay later’ (BNPL) leverage the growing influence of payments choice on customer loyalty. Nearly 60 percent of consumers say such digital options now influence where and how they shop—especially touchless payments and robust, well-crafted ecommerce checkouts—so, merchants have a clear mandate: understand what has changed and adjust accordingly. Join PYMNTS CEO Karen Webster together with PayPal’s Greg Lisiewski, BigCommerce’s Mark Rosales, and Adore Me’s Camille Kress as they spotlight key findings from the new PYMNTS-PayPal study, “How We Shop” and map out faster, better pathways to a stronger recovery.

Click to comment