Thursday, July 5, 2018

myGov Medicare payment site cloned. Beware.

One of my readers today let me know about a scam they'd just read about in the news.com.au site. It appears that scammers have set up a cloned version of the myGov Medicare payment site.

https://www.news.com.au/technology/online/security/mygov-medicare-payment-site-cloned/news-story/2d9f0dbd5c4e549f58a1a666e3952bcd?from=rss-basic&utm_medium=Facebook&utm_source=News.com.au&utm_content=SocialFlow&utm_campaign=EditorialSF

It starts with a fake email that appears to be from Medicare to update your payment details. You are then taken to the fake Medicare site that's designed to trick you into thinking you're at the real Medicare site.

The bottom line now is when you receive emails you now have to always be on your guard. Don't click on links without thinking about it first. Open your browser and go directly to the website instead of clicking on links.

Kelvin Eldridge
Online Connections
www.OnlineConnections.com.au
IT support

Monday, July 2, 2018

GoDaddy domain authorisation codes sent for multiple sites but not requested.

Recently a client's domain authorisation code was sent to me. For some reason I'm still listed as the contact on their domain even though I shouldn't be. At first I thought this may be the client's doing.

However, today I received five more requests for authorisation codes across three different domains.

I thought I'd share this because it indicates either a problem with GoDaddy's systems, or perhaps some form of attack on GoDaddy's systems.

It may be wise to keep an eye on your domains and make sure they are not transferred away from you without your knowledge, if there is an actual attack happening.

Kelvin Eldridge
Online Connections
IT support.

Update: I called GoDaddy in case their systems were under attack. They aren't. I suspect the reason is as from the 1st of July the organisation managing .com.au domains is changing. As a result of this GoDaddy most likely needs to update all the .com.au domains. Unfortunately a side effect of this is to send out authorisation requests to domain holders even though they have not requested them. In other words just ignore the requests there isn't any malicious activity occurring.