Attempted Phishing attacks
May 19, 2017 at 3:30 PM
Please be especially cautious with emails today and over the next week as we have received a number of reports of phishing attempts.
These emails will appear to come from a member of senior personnel at your organization and look something like -
"Are you available at the moment? I have some payments I need you to process today"
They are generally signed off as a senior manager, or owner of the business.
If you ever receive an email asking to immediately make a payment, or anything like that out of the ordinary, we highly recommend caution,
It is always good to confirm over the phone, or via a different method, never reply to the suspect email.
If you have received one of these emails, or have any queries, please don't hesitate to contact
You should forward this email on to anyone whom it may concern.
Phishing - There are various types of Phishing
This is an attempt to gain information such as usernames, passwords and credit card information by masquerading as a trusted party, usually via Email or instant messaging.
This could be pretended to be your bank, or even purporting to be from companies such as Spark, Vodafone, Trademe or Xero.
These are usually sent en masse and are not specifically targeted.
This is a Phishing attack that is targeted toward a specific company or individual.
The “Attacker” or “bad guys” will gather information through available channels, such as websites, social media and facebook in order to tailor their phishing messages and increase the chance of succeeding.
Currently this is the most successful type of phishing on the internet, and therefore the most popular, accounting for 91% of all attacks.
A Whaling attack is a ‘beefed-Up’ spear phishing attack specifically directed at senior executives and high profile targets within the business, and their direct reports.
They will careful craft an email or website to appear very legitimate and target specific roles and responsibilities, they will often have all the hallmarks of legitimacy and come in a variety of forms, sometimes asking for a wire transfer or perhaps a bill to be paid.
another common form is an official looking email from law enforcement or the legal sector forged to look like a legitimate subpoena which instructs the target to install special security software in order to read the subpoena.
Symptoms / signs
- Trust your instinct, if something doesn’t seem right, it probably isn’t
- Poor grammar, poor spelling, badly formatted
- Unusual requests
- Such as your boss, or a head of the organisation emailing that a wire transfer be paid immediately
- Unsolicited emails from any institution
- Unexpected changes to bank account details, or phone records
- Anything that requires you to install software to view a message.
What to do
If you suspect an email from an institution, bank, or other company that you have accounts with
- Contact the organisation through the regular channels if you are concerned
- Ask MCDIT to verify the email
If you suspect an email and you have no dealings with the organisation
- Delete the email.
- Ask MCDIT to verify the email.
If you receive an unusual request from an executive or manager, or any member of staff, or anyone at all.
- Never reply to the suspect message.
- Never use any contact details on the suspect message.
- Contact them using normal contact channels, phone or email – but write a new email to the address you would usually contact them on, confirming the request.
You receive an unusual request or order
- Contact MCDIT for confirmation
- Stop all communication.
- Inform staff regarding the attempt at scamming has occurred and ensure they maintain vigilance
What Mcdonald’s IT can do
McDonald’s IT have a number of tools at our disposal that enable us to investigate and verify the validity of emails, requests and communication,
In the event that an order is found to be unreliable or a scam, we will inform you of this.
We can assist with blocking phone numbers and email addresses – unfortunately, this is of less use than in the past as the scammer, more often than not, will utilize a different email and phone number to prevent being added to the list of know email and phone scammers.
We will report the scammer to their ISP and abuse contacts – all companies providing connectivity and hosting (including Email and VoIP) must provide the ability to report abuse – such as those attempting to engage in illegal activities.
Where it is provident we will communicate with the New Zealand police and relevant law enforcement to ensure the information is not useful, where it potentially is we will assist them with their inquiries.
We will also provide a description of the attempted scam to the DIA and other relevant scam watchdogs so they can add the information to their database if they are not already aware.
We will not identify the individuals involved nor the organisation without prior consent.
We will never share any confidential information with any outside party.