Scams like these

This is a new one on me ... a birthday invitation from someone I don't know.
So tempting to open and find out more... do I really know her? (I blanked the name just in case it is a real person and my email has just got there by some error.)
Punchbowl is a legitimate online invitation provider, but the link is abre.ai/xx_x, which is also a legitimate abbreviated URL provider, but who knows if the "xx_x" goes to Punchbowl.

It's quite unlikely to get any kind of malware from just clicking a link. Entering details on a fake page or executing an automatically downloaded file is where you'll get in trouble.
 
It's quite unlikely to get any kind of malware from just clicking a link. Entering details on a fake page or executing an automatically downloaded file is where you'll get in trouble.
Unless there’s a downloadable file at the link - which is as bad as opening an email attachment.

If unsure, sound advice for all is Don’t open attachments and Don’t click on links.
 
Unless there’s a downloadable file at the link - which is as bad as opening an email attachment.

If unsure, sound advice for all is Don’t open attachments and Don’t click on links.

Even downloading a file won't cause issues, as long as you don't run it. (Yes, there are exceptions for zero-click / 0-day exploits, which is why you shouldn't do this at work.)
 
It's quite unlikely to get any kind of malware from just clicking a link. Entering details on a fake page or executing an automatically downloaded file is where you'll get in trouble.
On the contrary. Using Outlook and some other clients, this can cause visit infections.
 
It's quite unlikely to get any kind of malware from just clicking a link. Entering details on a fake page or executing an automatically downloaded file is where you'll get in trouble.
It's so unlikely that our workplace runs regular training and also does tests to see if anyone falls for clicking on links. I once clicked on a link that was a PDF file. All hell broke loose and I was bombarded with 000's of emails in 3 days. Attempts were made to hack my Velocity account.
 
Bit of a worry, download an app and it steals from your bank account!
How? All the articles on this are very light on detail. Is it stealing from Google Wallet? Are bank apps vulnerable? How does it get around passwords or PINs?

What should I not be storing on my phone that allows withdrawals without logging in? Delete bank apps?

 
Bit of a worry, download an app and it steals from your bank account!
How? All the articles on this are very light on detail. Is it stealing from Google Wallet? Are bank apps vulnerable? How does it get around passwords or PINs?

What should I not be storing on my phone that allows withdrawals without logging in? Delete bank apps?

It could just be something as simple as “Register” with a card and those usual statements about “You won’t be charged” etc

But they do take your money…

NSW Police flagging it.

 
It's so unlikely that our workplace runs regular training and also does tests to see if anyone falls for clicking on links. I once clicked on a link that was a PDF file. All hell broke loose and I was bombarded with 000's of emails in 3 days. Attempts were made to hack my Velocity account.

Workplaces are a completely different target for this kind of malware. The likelihood is still low, but the odds are higher that someone would use a zero-click exploit to target a business as opposed to a random individual.
Bit of a worry, download an app and it steals from your bank account!
How? All the articles on this are very light on detail. Is it stealing from Google Wallet? Are bank apps vulnerable? How does it get around passwords or PINs?

What should I not be storing on my phone that allows withdrawals without logging in? Delete bank apps?


It's probably this:


As long as you are NOT sideloading apps (only installing apps via Google Play store), you will minimise your chances of being affected. If you're on iOS then this can't affect you.
 
I always thought that banking apps on Android were insecure, so I don't have them on my phone. It might be inconvenient at times, but I'll wear that.

And I also never use public or hotel free wifi, as I've found (nearly to my cost) that scammers can be listening in to your conversations. Better to be safer than sorry and just use phone data connections.

You might say, why not use a VPN (which I do), but some websites won't work with a VPN, unfortunately. Looking at you Qantas (and others).
 
It's probably this:


As long as you are NOT sideloading apps (only installing apps via Google Play store), you will minimise your chances of being affected. If you're on iOS then this can't affect you.
Wow what a powerful malware, can even get around SMS 2FA, so can also change daily banking limits.
As long as you are NOT sideloading apps
But as the article mentions, "In at least one campaign, victims were lured with a bogus retailer app that mimicked a Google Play download page"; or perhaps a simple "click here to register..."

SMS 2FA should now be redundant. An authenticator app (e.g. Macquarie Bank) or biometric hopefully becomes the norm.

But I still don't understand how they log in to your bank app without its PIN.
 
It could just be something as simple as “Register” with a card and those usual statements about “You won’t be charged” etc

But they do take your money…

NSW Police flagging it.


I was seeing an embedded ad on AGE / SMH today that looked a lot like this ... caution needed.
 
