The Australian Competition and Consumer Commission is warning businesses to watch out for scam emails that claim to be from the ACCC but in fact contain links that can infect your computer with malware.
In the past week, several businesses have reported receiving bogus requests from the ACCC to respond to a complaint that has been made about their business, or seek payment for an infringement notice for breach of copyright.
Both scams encourage the recipient to find out more by either clicking on a link disguised as a .pdf file or responding to contact details in the email. In the first scam, the embedded link is actually a .zip file that will download malware on to your computer or device.
“The ACCC is warning people that there are scammers trying to use the ACCC’s name to try and to steal money from businesses. People should be on the lookout for ransomware, which is a type of malware that freezes your computer and demands a ransom for you to be able to access your computer again. Scammers commonly ask for bitcoins or ask you to transfer money by wire transfer but even if you pay the fee, there is no guarantee that your computer will be unlocked,” ACCC Deputy Chair Dr Michael Schaper said.
“Fortunately, no money has been reported lost from these particular scams to Scamwatch yet. The emails are easy to spot as fakes and you can avoid falling victim by checking the email address of the sender before clicking on any links.”
Scammers have been using email addresses such as @accc.govt.au or firstname.lastname@example.org. Australian government agencies do no use free web based email accounts like outlook.com and our emails end with .gov.au, not .govt.au. If you hover your mouse pointer over links they will generally display the real address or file name. Zip and .exe files are easily disguised as pdf files but can contain malware.
“Both of the scam emails circulating are simply addressed to a non-specific ‘Business Owner’ and may contain errors. If you unexpectedly receive an email from the ACCC, do not click on any links or respond to contact details provided in the email. Instead, independently source contact details for the ACCC through an internet search or phone book,” Dr Schaper said.
Example of a scam email
- Do not click on any suspicious links in emails and check the sender’s address very carefully. If you think it is a scam, delete the email.
- Ensure your business has up-to-date virus protection and firewall software installed.
- Regularly back-up your computer’s data on a separate hard drive. If your computer is infected by malware or ransomware you can restore the factory settings and easily re-install all of your software and data.
- Do not respond to contact details provided in unsolicited emails. Independently verify contact details from the phone book or search online for official details.
- Keep your staff informed about security threats and provide them guidance on how to deal with scam emails.
You can report scams to the ACCC via the Scamwatch Report a Scam page.
Stay one step ahead of scammers, follow @Scamwatch_gov
Use this form to make a general enquiry.