In recent weeks, emails have been sent that mention one or more of the following: Cardinal George Pell, the complainant in his criminal trial, COVID-19 and – most recently – the upcoming Eden-Monaro byelection.
“The content in the small number of emails that have been forwarded to us is offensive, unChristian and, in some cases, defamatory,” said Fr Stephen Hackett MSC, general secretary of the Australian Catholic Bishops Conference.
“The views expressed in the emails we have seen do not in any way reflect the views of the Catholic Church, nor the organisations that are purported to have sent them.”
Information technology experts say the technique being used is call “spoofing”, which sees the attackers create fake email addresses using legitimate or seemingly legitimate domain names.
“This has been described as the equivalent of someone sending a letter in the post that is ‘signed’ in someone else’s name and contains a fake return address,” Fr Hackett said.
“Just as a letter of that kind would be hard to spot as fraudulent, some of the email addresses used appear to be legitimate and many people have contacted various Catholic organisations after receiving the messages.”
Organisations that are known to have been attacked have taken steps that can limit the sending and receipt of these emails, but those measures have limited effectiveness and rely partly on the spam and junk email settings of the recipients.
“There is no evidence to suggest that databases nor servers have been compromised, which is supported by the fact thatnsome of the people who have contacted us have no connection with the Catholic Church,” Fr Hackett said.
“It is deeply regrettable that a number of people are being maligned in these emails, which seem designed to attack Cardinal Pell, Witness J, the Catholic Church and now even politicians.”
Fr Hackett says a number of media reports have described an increase in the amount of devious online behaviour during the COVID-19 pandemic.
“We have been told that because these emails aren’t seeking money or seeking to access people’s personal details, they don’t meet the threshold for criminal investigation.
“We, nevertheless, see this behaviour as harmful and criminal,” he said.