Our Tuesday morning kicked off with a new scam from a bad-guy posing as a friendly photographer. Our team spotted this threat targeting inboxes mid-morning (AEST) and protected our clients from the threat immediately.
This scammer is trying to catch out unsuspecting people by sending them a friendly reminder about an unpaid invoice for “photography and printing services.” This is classic con-artistry - who’s going to suspect a ‘photographer’ of being a dangerous cyber-criminal in disguise, right?
Check out the screenshot:
If you got a message like this today, delete it immediately.
A lot of times, email scammers are using big, trusted brand-names to win the confidence of recipients, but in this case, the scammer seems to be taking the ‘under the radar’ approach by posing as a small business operator.
Email Stranger Danger
This email looks pretty innocent, doesn’t it? But actually, this message originates from a hijacked MailChimp email account. The scammer behind this one has broken into someone's MailChimp account and used it to broadcast thousands of these bogus messages.
Anyone unwary enough to follow the link, and open the file it points to would unwittingly open a nasty little piece of code that could download and install any number of exploitative malwares from keystroke loggers to trojan horses that would take over their computers.
This is another in a series of scammy emails that have come out of hacked MailChimp accounts recently. We keep a tight watch on these kinds of threats. When we caught this scam, MailGuard was the only cloud email security solution that had discovered the delinquent URL behind this scam.
Be wary of emails from people you don’t know that ask you to:
- view or download files
- click on links to services that you don’t subscribe to
- provide usernames and logins.
Always hover your mouse over links within emails and check the domain they’re pointing to. If they look suspicious or unfamiliar don’t open them.
Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update or follow us on social media.If you’re experiencing problems, you can speak to a cloud security specialist on 1300 30 44 30 or email firstname.lastname@example.org.
Don’t get scammed