Australia markets closed
  • ALL ORDS

    7,009.90
    -32.80 (-0.47%)
     
  • AUD/USD

    0.7784
    +0.0007 (+0.09%)
     
  • ASX 200

    6,762.30
    -27.30 (-0.40%)
     
  • OIL

    60.77
    +0.13 (+0.21%)
     
  • GOLD

    1,725.40
    +2.40 (+0.14%)
     
  • BTC-AUD

    63,113.60
    +1,951.86 (+3.19%)
     
  • CMC Crypto 200

    988.01
    +1.36 (+0.14%)
     

'DO NOT OPEN': Scam harvests Aussies' bank details

Anastasia Santoreneos
·1-min read
'Do not open': New scam threatens to harvest Aussies' bank details. Source: Getty/MailGuard
'Do not open': New scam threatens to harvest Aussies' bank details. Source: Getty/MailGuard

Aussies have been warned to steer clear of a scammers purporting to be from Microsoft Office 365 and asking to deliver a report, after cybersecurity firm MailGuard intercepted the malicious email.

According to MailGuard, there's an email circulating which looks like an automated file-sharing alert, but is really just deceiving recipients into handing over their sensitive information.

The email just says 'a copy of a report has been delivered to your mailbox' with a link that says 'read message'.

Users who click that link are sent to a Microsoft Office 365-branded page, where they are asked to first sign in with their email, and then again with their password.

"Both these ‘login’ pages are actually phishing pages hosted on a compromised website," the MailGuard blog stated.

"Once users enter their email and password, the attackers harvest them for future use, and the user is met with an error saying that the credentials are invalid."

The cybersecurity firm warned Aussies to be "extra vigilant" against these kinds of emails: "Whatever happens, do not open or click them."

I've received this email. What do I do?

Simply, do not open it.

MailGuard says to never open emails that:

  1. Are not addressed to you by name;

  2. Appear to be from a legitimate companies but use poor English; 

  3. Are from businesses that you were not expecting to hear from; Or

  4. Take you to a landing page that is not the legitimate URL of the company the email says its from.

Want 2021 to be your best (financial) year yet? Follow Yahoo Finance on Facebook, LinkedIn, Instagram and Twitter, and subscribe to the free Fully Briefed daily newsletter.