the regulator emailed Australian businesses on Wednesday morning with malware-laden notices . The emails reportedly asked customers to renew their business details via provided links , which , when clicked , would activate a Javascript dropper and infect computers with malware . Email security vendor MailGuard issued an alert suggesting a stolen ID may have been used to help set up the scam . The originating domain , austgov.com , was registered in China , where strict regulations around domain registration require an authentic ID to be scanned . MailGuard also said the domain was backed by a legitimate email infrastructure , which helped the emails bypass email server spam detection . The emails come withAttack.PhishingASIC and Australian Government branding and puts anyone who follows their instructions at risk . ASIC recommends users keep antivirus software up to date , be wary of emails that do not address recipients by name or that spell recipients ’ names incorrectly and be suspicious of emails with unknown attachments .