Australian Fair Trading
What a cheek! Cyber criminals aim to steal your identity by putting out an email confirming your “complaint” about identity theft!
No, they are not psychic but if you do fall for this email, you might well be putting in a complaint about identity theft.
The email purports to come from the Australian Office of Fair Trading and is personally addressed to you. It informs you that your complaint about identity theft has been recorded.
It requests that you make a hard copy record by printing out the attached document. However the attachment contains potentially malicious software.
More than likely, this software is aimed at stealing your identity by installing spyware, which logs your keystrokes to steal passwords and other personal information.
The Australian Office of Fair Trading does not exist, although its name appears intended to imitate the various state and territory Offices of Fair Trading in Australia. The originating email address purports to be "firstname.lastname@example.org", which is not a valid address, but resembles those used by the ACT Office of Fair Trading.
The ACT Office of Fair Trading has confirmed that the recipients have not been obtained from their databases and there is no indication of a security issue with any of the databases maintained by the ACT government.
This indicates that the distribution list has been harvested in some other way.
There are also a number of ways that clever scammers can make the email appear as if it is personally addressed to you. For example, they can install a program in the email they send out to capture your Display Name and embed it in a template email.
Consumers are warned to delete the email as soon as they recognise it, and to contact their Internet Service Provider or other source of technical support if they have opened the attachment.
Any links in the email should not be followed, and consumers should not reply to it, nor should they open the attachment. Consumers are reminded that up-to-date virus protection and spam filtering on email accounts are essential for all computers.
Identity fraud is a huge concern right across the world and the smallest personal detail can be used by people to establish a fraudulent identity.