New MYOB brandjacking scam
MailGuard has detected a new email scam attempting to deliver malware to victim’s computers.
The scam message - shown in the screenshot above - shows MYOB branding and purports to be a document notification email.
“Attached is your invoice… for $862.30” reads the message text.
The attached file contains a malware payload designed to infect the victim’s computer.
This message is originating from a wide variety of sending addresses. This kind of brandjacking email scam can install viruses, ransomware, and a host of other damaging malware types.
If you see this message in your inbox, delete it immediately to avoid any risk of malware infection.
What is brandjacking?
Brandjacking is basically a kind of forgery. Scammers use the trademarks of well-known companies in their emails to deceive their victims and gain their trust.
In a typical brandjacking scam, criminals create email templates that look like messages from big companies and send them out wholesale to millions of recipients. When the scam message shows up in a victim’s inbox they feel safe opening it because it looks like a legitimate message from a familiar company.
Some commonly used brandjacking formats are fake invoice notifications or requests for account verification.
Don't get scammed
If your company’s email accounts aren’t protected, scam emails like the one above are almost certainly being received by your staff. Cybercriminals know people can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.
People are not machines; we're all capable of making bad judgement calls. Without email filtering protecting your business, it’s just a matter of time before someone in your organisation has a momentary lapse of judgement and clicks on the wrong thing.