A malicious email that claims to be a renewal notification from the Australian Securities and Investments Commission (ASIC) is currently being distributed.
The email, which includes the ASIC logo and copyright notice, instructs you to click a “Renewal letter” link to access more information about a supposed company renewal.
The email is not from ASIC. Clicking the “Renewal letter” link downloads a malicious JavaScript (.js) file to your computer. If you open this .js file, it will then download and install further malware.
JavaScript is often used to install ransomware, which can lock up the files on your computer and then demand that you pay a fee to online criminals to receive a decryption key.
Or, it might install malware that can steal passwords and other sensitive information from the infected computer.
Fake ASIC notification emails have been used before to distribute malware or steal personal information.
ASIC is warning consumers about the scam messages via a notice on its website, which notes in part:
Scammers pretending to be from ASIC have been contacting Registry customers asking them to pay fees and give personal information to renew their business or company name.
These emails often have a link that provides an invoice with fake payment details or infects your computer with malware if you click the link.
If you receive one of these emails, do not click any links or open any attachments that it contains.
An example of the malware email:
Transcript:
Please find information in the following link regarding the renewal for your company.
Renewal letter
Select this link to view, save or print the information. This link will remain active for 14 days.
If you no longer need your business name to be registered, please email us at bncancel@asic.gov.au
If you have any questions, contact us at www.asic.gov.au/question
Regards,
[Removed]
Senior Executive Leader
Registry
Australian Securities and Investments Commission
Please consider the environment before printing this document
Information collected by ASIC may contain personal information. Please refer to our Privacy policy https://www.asic.gov.au/privacy for information about how we handle your personal information, your rights to seek access to and correct personal information, and how to complain about breaches of your privacy by ASIC.
NOTICE
This e-mail and any attachments are intended for the addressee(s) only and may be confidential. They may contain legally privileged or copyright material. You should not read, copy, use or disclose them without authorisation. If you are not the intended recipient please contact the sender as soon as possible by return e-mail and then please delete both messages. This notice should not be removed.
Original Source : https://www.hoax-slayer.net/asic-renewal-letter-malware-email/