Scoop has an Ethical Paywall
Work smarter with a Pro licence Learn More

Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search

 

SMX issues 'phishing attack' warning

Monday, 11 February 2013, 3:29 pm
Press Release: SMX

SMX issues 'phishing attack' warning

Auckland, New Zealand. 11 February 2013. Local email security company SMX is warning email users to be particularly careful not to click on “work from home” links contained within emails from xtra.co.nz or yahoo.co.nz senders.

SMX co-founder and chief technology officer Thom Hooker says a "phishing attack" on Xtra customers is resulting in a high volume of emails being submitted to SMX’s helpdesk for investigation.

He says all these emails seem to contain little more than a URL although most contain the original sender's email signature, which lends some credibility to the email.

The phishing emails indicate the Xtra account holder's Yahoo! mailbox has been compromised, allowing the attacker access to the compromised account's contact list. Those contacts have then been sent emails purporting to be from the Xtra user. Clicking the link takes the browser to a "Work from home for $$$" type of site but it is unclear if the site also attempts to install some malware or trojan at this time.

All the emails SMX has seen this morning are sent from either an @xtra.co.nz or @yahoo.co.nz email address. SMX operates dual anti-spam and anti-virus engines, as well as other technologies to detect such emails.

“SMX's filters are now blocking these emails from our customer's mail flow,” says Thom Hooker.

“SMX's initial analysis of the submitted emails indicates that this is a well coordinated attack using computers and IP addresses in multiple countries around the world. It appears to be a sophisticated attack designed to spoof legitimate senders and to fool the recipient into clicking the link in the email.”

Advertisement - scroll to continue reading

Are you getting our free newsletter?

Subscribe to Scoop’s 'The Catch Up' our free weekly newsletter sent to your inbox every Monday with stories from across our network.

Thom Hooker says the phishing attack is a reminder of how important it is to maintain best practice email security management:
• don't click on random links in emails
• if you're unsure contact the original sender and confirm whether they meant to send you that email
• run up to date anti-virus software on your computers
• ensure all relevant software updates are installed
• choose secure passwords for your internet sites and change these regularly (every 3 months at least)
• don't use a common password for all your Internet logins.

Ends.

© Scoop Media

Advertisement - scroll to continue reading

Did you know Scoop has an Ethical Paywall?

If you're using Scoop for work, your organisation needs to pay a small license fee with Scoop Pro. We think that's fair, because your organisation is benefiting from using our news resources. In return, we'll also give your team access to pro news tools and keep Scoop free for personal use, because public access to news is important!

Go to Scoop Pro Find out more

Find more from SMX on InfoPages.
 
 
 
Business Headlines | Sci-Tech Headlines

BUSINESS, SCIENCE & TECH


 
work Join Scoop Pro
 
Submit News
 
person_add Become a Member
 
 
 
 
 

InfoPages News Channels

Inventory Management
 
 

LATEST HEADLINES

  • BUSINESS
  • SCI-TECH
 
 
 

Join Our Free Newsletter

Subscribe to Scoop’s 'The Catch Up' our free weekly newsletter sent to your inbox every Monday with stories from across our network.