Cybercriminals May Be Using Go Via To Target New Victims

It seems like every day there is a new phishing scam or ransomware virus making headlines and giving business owners and individuals alike something new to worry about. Cybercrime is on the rise, and the perpetrators are coming up with new tricks and tactics as fast as cyber security professionals can uncover them.

Cyber Security

A new malware infection seems to be targeting Australians using the popular Go Via website. This much-used toll payment provider gives users a fast and convenient way to take care of toll fees racked up during their daily commute and other travels. Recently, an email claiming to be from Go Via is making the rounds, and it has IT professionals concerned.

The email contains a message similar to this:

Subject: your go via tax invoice statement now

Dear Client

Your go via tax invoice statement is now available for download

If you have a post-paid account, ensure your monthly invoice is paid by the due date to avoid unnecessary fees.

To view previous tax invoice statements, login to your account using your account number and PIN at govia.com.au

You can view up to 18 months of tax invoice statements online anytime, at no extra cost.

While the reply address appears to be legitimate, the link informing the recipient that their statement is “available for download” does not. If you were to hover your mouse over the hyperlink, it would reveal that it directs you not to the Go Via website, but rather to someone’s personal Office 365 account. Specifically, to an unknown individual’s SharePoint account. If you were to click on this link to download the promised statement, the only thing you would be receiving would be a malicious infection.

Incidents like this serve as a reminder to constantly stay on alert when checking your inbox. Even when an email looks to be legitimate, it’s always worth taking an extra minute or two to carefully read through the message and double-check that any attachments or embedded links are what they claim to be before you click.

Hovering your mouse over a hyperlink, even one that doesn’t appear to have been altered (meaning it appears as a web address) will reveal where the link actually leads. If the revealed link doesn’t match the hyperlink, leads to a different domain, or leads somewhere entirely different from where the hyperlink text implies, DO NOT CLICK. Often the only thing you need to do is open an infected link to activate whatever malicious payload its attached to, meaning that once you end up on a strange site and realize something is off, it’s already too late.

Taking the time to practice smart email behavior and training your employees to do the same can protect your business against scams and cyber attacks that have the potential to do serious damage.

Want to learn more about the steps you can take to protect your business against cyber attacks and phishing scams? Contact Xstra Group today at sales@netonetech.com or (561) 432-7823. We’re the IT professionals South Florida businesses trust.

sign up for our newsletter

Stay up to date with the latest IT news by signing up to our newsletter

connect with us

contact info

  • 100 E. Linton Blvd, Suite 302ADelray Beach, FL 33483

  • (561) 432_-7823

    (561) 434_-3781

Net One