Email Security Threats, Alerts, News and Trends

Suspicious Emails Alert! The threat landscape is always changing which is why we keep our eye on new products that can simplify email security, and streamline the way you and your team work. SMX will keep you up-to-date on suspicious email security threats, alerts, news and trends on this page, so that you know what to look out for.

Please be vigilant in protecting your computer, do not click on any link or download any attachment from someone you don't know. If you receive any suspicious emails, please report these to us.

Below are some Government sites that you may wish to visit that will give you more information on current cyber security trends:  

CERTNZ 2019 Quarterly Report Q2

The latest quarterly report is out. To read the full report, click here .

CERTNZ 2019 Quarterly Report Q1

The first quarterly report is out. To read the full report, click here.

CERTNZ 2018 Safety Report

Phishing and credential harvesting top the issues raised to CERTNZ in 2018.
To read the full report, click here.

 

Spam run: (6) incoming messages

Last updated 29/11/2019 10:00am

We have received reports of users being BCC'd into a Spam message doing the rounds containing the following text:

Dear NZ User,
Due to some errors in this your Email, NZ server is holding (6) incoming messages to your NZ mailbox 
Kindly  FIX THE PROBLEM HERE to avoid missing important mails from your mailbox contact.
NZ email admin
The link directs to a sign in page - this page is not HTTPS secured and will harvest your login credentials.
Please do not reply or click anything in the email, simply delete the email.

 

Apple ID scam hits Kiwi phones - what to watch out for.

Last updated 25/11/2019 11:47am

Numerous iPhone users reported receiving a dubious text message this morning asking them to verify their details.

Coming from the number 365, the message tells the user they've been locked out of their Apple ID and then asks them to verify their details.
The tell-tale sign in the scam is that the word "Apple" is misspelled "appl" in the url featuring in the text message.

It appears to be a classic example of a phishing ruse designed to acquire login and credit card details

What to do if you have been scammed:

• Contact your bank as soon as possible.
• Report it to the police and, if it is an online scam, report it to Netsafe who will give advice on what to do.

Protection from spear phishing and whaling

Last updated 24/10/2019 8:36am

SMX are seeing whaling emails on the increase, here is a helpful article from CERT NZ on steps you can take to protect yourself from being scammed by a whaling email. For more infromation on adding whaling protection with SMX please contact our sales team.

For more informaton on what a whaling attack is please have a read over our FAQ "What is Whaling?"

Spam Run - Netflix

Last updated 21/10/2019 10:40am

We are still seeing a number of emails purporting to be from Netflix, advising that a subscription renewal has failed due to a failed payment.

These are phishing emails. Please do not reply, simply delete the email.

Spam run - Here's this month's Spark bill

Last updated 11/10/2019 11:34am

We are still seeing a number of emails purporting to be from MySpark Support, advising that you owe money.
Latest versions have stared rewording the content in order to bypass the filter, however the subject is still the same.

These are phishing emails. Please do not reply, simply delete the email.

Spam run - Your shipment is waiting for delivery

Last updated 8/10/2019 1:15pm

We are seeing a number of emails purporting to be from NZ Post, advising there is a shipment awaiting pickup.

These are phishing emails. Please do not reply or click anything in the email, simply delete the email.

Spam run - Blank emails orginating from Gmail adresses

Last updated 30/9/2019 11:11 am

We are receiving user reports of spam emails originating from gmail addresses.
These emails generally have the subject lines "Test Mail", "ABC123", and "Test".

This is a simple spam run, simply delete the email.

Outlook System Update

Last updated 24/09/2019 3:25pm

We are seeing a number of emails like the below, requesting that you sign in an update your Outlook account . These are phishing emails, please do not click on any links and delete the email.

Spam runs.

Last updated 09/09/2019 12:48 pm

From time to time you may notice that you and your colleagues receive a number of similar looking spam emails at around the same time. There are a number of reasons why this may be the case:

The spammers have a number of similar emails which they craft which are of a similar nature, they then send these out in a few different rounds. These are sent from different IP addresses and contain slightly different content, this is designed to evade the filters as some IP addresses or websites maybe clean or blacklisted already.

The spammers may have obtained the email addresses from a previous spam run that they have sent or obtained the email addresses from other sources such as email addresses published on your company website.

The spammers may also obtain email addresses through what is known as a “Dictionary attack” where they randomly guess email addresses by going through recipients in alphabetical order to see which ones are active or not.

They may also try and guess passwords using a dictionary attack also which is why it is important to have a strong and secure password using numbers and letters and symbols. Once as a spammer has obtained the password of one account then it easy to obtain the email addresses of other staff members via the company address book and use them for future spam runs.

Threatening password emails

Last updated 09/09/2019 11:35 am

We are seeing a number of emails like below which are being sent with password protected PDF attachments. Please do not open the attachment and please delete the email. The attachment contains a threatening message that advises that the websites that you have visited will be sent to all of your contacts unless you pay a fee. This is a scam, do not respond to it.

Below are the contents of the PDF.

Rep. Needed

Last updated 09/09/2019 11:10 am

We are seeing a number of emails like this below trying to recruit staff to be a rep for a crude oil company. This is spam email, please do not reply and delete this email. 

Potential spam banking emails

Last updated 23/08/2019 9:58 am

While we have not seen these emails reaching our servers yet it is a good idea to keep an eye out for potential banking emails - " spear-phishing emails with macros Docs or exploits, CHM files, and .LNK shortcuts as malicious attachments to initially compromise their victims."  If you were not expecting the email or the email looks suspicious then please report it to the SMX Service Desk so we can investigate further.

https://thehackernews.com/2019/08/silence-apt-russian-hackers.html

Phishing - Voicemail Message

Last updated 28/06/2019 5:23 pm

There are a number of variants of voicemail phishing messages going around. Please do not click on the link and send the samples through to SMX and delete the email.

Phishing - Salary Increment

Last updated 26/06/2019 10:29 am

This phishing email made the rounds today and our filters are now recognising it as spam.

Phishing - CLOSURE OF EMAIL

Last updated 24/06/2019 4:58 pm

We are seeing a number of spam emails with the with the subject CLOSURE OF EMAIL that have been circulating recently advising the recipient that their email will be closed and advising them to click on a link to continue using their email. Please do not click on any links and delete the email.

Male pills emails 

Last updated 24/06/2019 11:42 am

Over the past week we have seen a number of new variants of spam emails which have been advertising male potency pills. The spammers have designed these carefully to evade the SMX filters which is why you may have seen some of these getting through, some of the emails that we have seen have the following subjects:

  • Erecttile Dysfucntion Pills
  • Erecitle Dy$funct|on Pills
  • Erectlie Dysfuncti0n Pills
Please do not click on any links in these emails. The majority of these emails are now being blocked but if you do see any further variants please report the email to SMX Service Desk.
We are monitoring this situation and are working proactively to block any emails that come through.

Microsoft Audio calls spam emails

Last updated 04/07/2019 4:30pm

We are seeing a number of emails that are circulating that are impersonating Microsoft Audio calls, asking you to listen to a fake voicemail message, this is not genuine, please do not click on any links and delete the email.

Phishing - Microsoft Upgrade

Last updated 17/07/2019 7:00pm

We have recently seen a number emails like below advising recipients that they should upgrade their account to continue recieving emails. This a phishing email and has not come from Microsoft, please do not click on any links and delete the email. 

 

Fake change of bank account details

Last updated 06/08/2019 1:27pm

Hi we are seeing a number of emails like this below pretending to be coming from the CFO to the payoll member of staff requesting a change of bank account details. Please speak to the requestor in person or via phone before making any bank account changes.

To report suspected spam emails to SMX, click here.