Beware fake Enterprise Agreement websites
30 Aug 2021
Let’s say you’re curious about an organisation so you perform a Google search “Company XYZ Enterprise Agreement”. Google provides some possible answers and you spy one listing that sounds like it has what you’re after. In fact, visiting the link you see that someone has asked the exact question you have, better yet, someone else has helpfully replied with a copy of the document!
If you think this sounds too good to be true, you would be right.
Threat actors are planting nasty malware surprises that masquerade as innocuous Enterprise Agreement documents. Knowing that people frequently search for such documents, they then game Google and other search engines’ results so that their documents appear near the top of the list. If you visit their compromised website you might see a page like the one pictured here. One click on that document link is enough to infect your PC with aggressive malware and risk compromising USC’s systems, putting our data in jeopardy.
This technique is known as Search Engine Optimisation (SEO) poisoning and it’s targeting people who might be looking for information on Australian organisations, be they a bank, a training organisation, another university, or even USC.
If you’re looking for information like Enterprise Bargaining Agreements, regardless of the organisation, please be careful to stay with reputable sources such as that organisation’s own listings or that of a related organisation such as a union website. If you end up on a site like the one pictured here, please don’t click the link, just close the window and choose a more mainstream link.