Home » Email Scammers Impersonating the ASD’s Australian Cyber Security Centre

Email Scammers Impersonating the ASD’s Australian Cyber Security Centre

August 30, 2024 • César Daniel Barreto

The Australian Cyber Security Centre, which is a division of the Australian Signals Directorate, has just released a medium-level warning regarding another wave of advanced email scams that target people and families around Australia.

These emails are specially crafted to appear as if they have come from ASD’s ACSC, exploiting trust and authority to mislead recipients. The cyber crooks behind this campaign are using spoofed email addresses complete with the official ASD’s ACSC logo to add an air of legitimacy to their communications. In this article, find out all about the scam, how it works, and what you can do to stay safe.

What Happened?

In the past weeks, ASD’s ACSC has identified several cases whereby cybercriminals email people with emails purporting to originate from the Centre. The emails are issued from spoofed accounts, which may appear to come from ASD’s ACSC. The emails vary in content but generally tend to follow two common themes, both of which are intended to make the recipient afraid or urgent.

Simplified sentence structure, using “cyber thieves escalate perceived threat” and “urge recipients to download ‘Antivirus’ software through the link provided in the email. Attackers indicated that The computer of the recipient could not remain safe from the threats without having the respective software.

But if clicked on, the connection opens on downloading and installing malicious software in the computer. The attackers then use this malware to steal sensitive information, monitor the activities of the user, or remotely control the victim’s computer.

Another type of phishing email used is one that threatens recipients with claims that complaints about their e-mail address or IP address have been filed. According to the email, such complaints put one’s account in jeopardy and require the downloading of this ‘Antivirus’ software in order for one to safeguard their account. Similar to the first, clicking on to this link also results in a download of harmful software that puts in jeopardy the personal data and security of the recipient.

These are extremely concerning scams; these emanate from the authority of ASD’s ACSC. Hence, these are more convincing to victims of such an attack because they would rarely question the authenticity of such emails. The attackers take advantage of the official ASD’s ACSC logo in addition to using technical and formal expressions that help enhance the deception, making potential victims an easy target for these types of attacks.

How to Stay Secure

Considering how articulate these scams could get, vigilance and proper initiative to safeguard oneself are called for:

Do not click on links: If you receive an email that purports to be from ASD’s ACSC and asks you to download software or to take urgent action, do not access any links. ASD’s ACSC can be contacted directly at 1300 CYBER1 (1300 292 371) to verify the authenticity of the email.

Report and block: If you think you have received a fraudulent e-mail, immediately report it and block the sender. It helps to block further communication from the scammer and enables authorities to take appropriate action against the threat.

Seek assistance: If you think you have clicked on a suspect link or are unsure if an email is legitimate, seek assistance. Call the ASD’s ACSC on the hotline number 1300 CYBER1 (1300 292 371). for guidance on the appropriate course of action in each scenario.

Stay Informed: Knowledge is one of the best methods of protection from these types of scams. Be familiar with common phishing tactics and how to identify suspicious emails. Resources and advisory information on how to identify phishing and other cyber threats are from ASD’s ACSC website.

Scam Reporting

Lastly, the scams need to be reported to ScamWatch for further investigation. This adds up to the collective contribution of being on the front line in the fight against cybercrime and helping to protect others from becoming victims of these crimes.

While this increasing sophistication tends to pose a significant threat, being informed and actually taking precautions can significantly reduce your risk. Keep in mind if you get an email from supposedly authoritative organizations like the ASD’s ACSC, make sure it is legitimate, and if you suspect anything fishy comes up, don’t hesitate to report scams to ScamWatch.

woman avatar

César Daniel Barreto

César Daniel Barreto is an esteemed cybersecurity writer and expert, known for his in-depth knowledge and ability to simplify complex cyber security topics. With extensive experience in network security and data protection, he regularly contributes insightful articles and analysis on the latest cybersecurity trends, educating both professionals and the public.