pinkeyes - stock.adobe.com
Scammers impersonating the ACSC on the prowl
The Australian Cyber Security Centre warns of scammers who are using its name to gain control of personal computers and trick users into revealing personal information
Scammers claiming to be from the Australian Cyber Security Centre (ACSC) have been tricking Australians into revealing their passwords and other personal information.
In an alert issued 6 January, the ACSC said the scammers had used its name to send emails to individuals claiming that their computers were compromised, along with a malicious link requesting they download an “antivirus” software to resolve the issue.
If clicked on, the link downloads and installs malicious software onto the individual’s computer.
The ACSC also warned of reports of cyber criminals calling individuals from a spoofed Australian phone number, requesting that they download remote access tools such as TeamViewer or AnyDesk onto their device to resolve malware issues.
The scammers then attempt to persuade recipients to take actions, such as entering a URL into a browser and accessing online banking services, which then compromises their computer to reveal banking information.
Cyber crime is one of the most pervasive threats facing Australia, and the most significant threat in terms of overall volume and impact to individuals and businesses.
According to the Australian Competition and Consumer Commission’s (ACCC’s) Targeting scams 2019 report, Australians had lost over A$634m to scams in 2019.
While the true cost of cyber crime to the Australian economy is difficult to quantify, industry estimates have previously placed cyber security incidents as high as A$29bn annually.
Amid the pandemic, the number of spear phishing campaigns has spiked. Between 10 and 26 March 2020, the ACSC received over 45 pandemic related cyber crime and cyber security incident reports while the ACCC’s Scamwatch team received over 100 reports of Covid-19 themed scams.
In August 2020, the Australian government updated its cyber security strategy which focuses on protecting critical infrastructure and tackling cyber crime, including on the dark web, among other areas. A total of A$1.67bn will be invested into the strategy over 10 years.
Read more about cyber security in Australia
- The Australian Cyber Security Centre and the Digital Transformation Agency release new cloud security guidelines to support the secure adoption of cloud services across government and industry.
- Australian organisations can address data protection challenges by creating roles such as a data governance lead, classifying data and improving employee awareness of cyber hygiene.
- About four in 10 employees are sharing inappropriate data across mobile devices and half of all security incidents in 2019 occurred through inappropriate IT use, study finds.
- Supply chain security risks can wreak havoc for Australian firms if measures are not taken to deter cyber attackers from exploiting a supplier’s security gaps to target another firm.
