1300 739 335

Alert: New Phishing Campaign Targets Domain Owners With Emails Impersonating auDa

Be on the lookout for scam emails that appear to be from the .au domain administrator, auDA. This is the latest major phishing scam to target users in Australia.

Australian domain owners (.au registrants, in particular) are being warned of a new phishing campaign in which cybercriminals are impersonating the .au domain administrator. These emails are fraudulent and request personal information including scanned copies of identification documents from the recipient.

Phishing is a method in which cybercriminals send fraudulent emails that appear to be from reputable sources in order to get recipients to reveal sensitive information, download dangerous malware, or execute significant financial transfers. It’s one of the most dangerous cybercrime tactics in use right now, causing $1.7 billion in losses worldwide last year alone.

What Do Phishing Emails Look Like?

The key to defending against phishing is learning how to spot a phishing email. In the case of this auDA campaign, a sample email has been provided:

Subject: Please Confirm {BLANK} Domain Name Ownership


We would like to inform you that starting from the 10th of January 2021 we are requested to obtain and verify all .au domain name owners information. 

You are listed in our database as the owner of {BLANK} domain name. In order to keep the domain active please reply with the following:

  1. Photo Identification

A clear, readable, valid and unaltered scanned color copy or photo of one of the following documents:

  • The photo page of your passport
  • Driver license (front and back) 
  1. A clear, readable, valid, and signed colour copy of  your Medicare Card (front and back)

Rest assured that all documents are handled securely in accordance with our data privacy. 

We are hoping for your kind understanding and we appreciate your response to this email within 24 hours to avoid the cancellation of your domain.

Looking forward to hearing from you regarding the matter.


These emails appear to come from the .au administrator. They also have an implied urgency, which is meant to get the recipient to react quickly without thinking about the veracity of the message.

Can You Spot A Phishing Email?

Whether it’s one of these newer phishing emails disguised as a message from auDA, or one of the other 14.5 billion phishing emails sent every day, you need to know how to spot them:

  • Check The Right Fields: If you’re unsure about an email, check the details on the email itself – specifically the “mailed-by” and “signed-by”, both of which should match the domain of the sender’s address.
  • Suspicious Links: Always be sure to hover your mouse over a link in an email before clicking it. That allows you to see where it actually leads. While it may look harmless, the actual URL may show otherwise – always look, and rarely click.
  • Spelling and Grammar: Modern cybersecurity awareness comes down to paying attention to the details. When reading a suspicious email, keep an eye out for any typos or glaring errors. Whereas legitimate messages from your bank or vendors would be properly edited, phishing emails are notorious for basic spelling and grammatical mistakes.
  • Specificity: Another point to consider is how vague the email is. Whereas legitimate senders will likely have your information already (such as your first name) and will use it in the salutation, scammers will often employ vaguer terminology, such as “Valued Customer” – this allows them to use the same email for multiple targets in a mass attack.
  • Urgent and Threatening: If the subject line makes it sound like an emergency — “Your account has been suspended”, or “You’re being hacked” — that’s another red flag. It’s in the scammer’s interest to make you panic and move quickly, which might lead to you overlooking other indicators that it’s a phishing email.
  • Attachments: Phishers will often try to get you to open an attachment, so, if you see an attachment in combination with any of the above indicators, it’s only more proof that the email is likely part of a phishing attempt.

In the end, the key to phishing methodology is that it doesn’t rely on digital security vulnerabilities or cutting edge hacking technology; phishing targets the user, who, without the right training, will always be a security risk, regardless of the IT measures set in place.

Need Help Developing Your Phishing Defence?

If you’re unsure of how to train your staff to identify phishing emails that threaten your business, Steadfast Solutions is here to help. We will assist you in developing a culture of cybersecurity at your business that will help defend your data.

Latest Blog Posts

Watch Our Latest Tech Videos From Steadfast solutions

Subscribe To Our YouTube Channel

When Was The Last Time You Tested Your Backup?

Is Your Microsoft 365 Data Backed Up?

Are You Cybersecurity Aware? Cybersecurity Awareness In Australia

How Information Technology Enables Businesses To Do Great Things

Ransomware Recovery In Melbourne Australia | Call Steadfast at 1300 739 335

Cloud Desktop Support In Melbourne | Call Steadfast at 1300 739 335