Spam and phishing run targets Australians

Someone has their sights set on Australian users...

It seems the bad guys are targeting Australian Internet users this week. I got a few of these this morning, as did a couple of Risky.Biz listeners:

From: rules@abr.gov.au
Date: 14 September 2011 10:05:53 AM AEST
To:
Subject: Attention for the ABN owners
x-original-to: REDACTED
x-mailer: azzgnshjz.46

Australian Taxation Office together with Australian Business Register
wants to inform you that starting from January, 1 2012 new rules of use of ABN number are being introduced.

The changes will concern:
- GST credits;
- Australian domain names registration

More detailed information about the coming changes in the rules you can find HERE.

Australian Business Register
www.abr.gov.au

All links in the e-mail go to the domain australianbusiness-store.com.

That site drops an executable named updateTax15sept.pdf.exe.

Geez. I wonder if I should run it?

I also received a couple of other, similar messages purporting to come from the ATO. Again, all links pointed to the domain australianbusiness-store.com.

TL;DR: Drop domain australianbusiness-store.com at your gateway.

UPDATE: Our buddy Neal Wise at Assurance.com.au says the same spam run makes use of the domain australian-businesssite.com, too... Some on Twitter have reported hundreds of these spams coming through their gateway just this morning. Seems very tightly focussed on an Australian audience.

Patrick Gray on Twitter.

SUBSCRIBE NOW:
Risky Business main podcast feed:
Listen on Apple Podcasts Listen on Overcast Listen on Pocket Casts Listen on Spotify Subscribe with RSS
Our extra podcasts feed:
Listen on Apple Podcasts Listen on Overcast Listen on Pocket Casts Listen on Spotify Subscribe with RSS
Subscribe to our newsletters: