Aust Post, Energy Aust and CityLink Scams - Weekly Digest

Posted by Emmanuel Marshall on 15 December 2017 15:24:03 AEDT

This has been a big week for email scams. We've detected and stopped malicious emails brandjacking Australia Post, Energy Australia, CityLink and MYOB. The internet's criminal element seem to be ramping up their efforts for the approaching holiday season. This is an especially hectic time of year for most of us, and scammers want to catch us when we're busy and stressed out. Most email-based cybercrime operates by tricking us into clicking on something we shouldn't, and when we're under pressure we can be less inclined to check if the email we receive is legitimate.


Fake Aust Post Email


MailGuard detected one especially cunning example of this sort of scam on Monday, in the form of a fake Australia Post email. As you can see in the screenshot, this message is meant to make the recipient think that the post office is holding an undelivered parcel for them.

We’re all eager to get our Xmas shopping on time, so we might not think twice before clicking a link in an email like this, but that would take you to a zipped file that contains malware.

MailGuard protected our clients from this attack but this kind of malware can do a lot of damage and many people with unprotected inboxes are still vulnerable.

Fortunately, our blog post about this scam caught the attention of the media. Outlets like, Smart Company,  New Idea, IT Wire, The Daily Mail, and Yahoo News did stories on the scam, helping to raise awareness. Hopefully, a few less people will be tricked by this scam thanks to the media coverage...

>> Read more about the Australia Post scam, here.


MYOB Invoice Scam

171212-myob-1.pngOn Tuesday MailGuard detected a new MYOB  brandjacking email being sent out in large numbers.

The email subject is shown as ‘Invoice INV-04085 from DXJ Company’ and the body of the message advises the recipient that they have an outstanding invoice requiring payment. This is not a legitimate MYOB message. Clicking on the ‘view invoice’ link in this email will take the recipient to a zipped JavaScript file which downloads spyware and viruses onto their computer...

>> Get more info about this fake MYOB Invoice scam, here.


Energy Australia Brandjacked

eau1.jpgWednesday: a large-scale email scam imitating Energy Australia was intercepted by MailGuard.

These emails are well-designed fakes that look very similar to actual Energy Australia messages.

This fake bill notification links to a zipped JavaScript file which contains malware in JavaScript format...

>> Get all the details on this email scam, here.


Thursday: Xero & CityLink Scams

citylink1.jpgYesterday, MailGuard intercepted a large volume of malicious emails. One scam is using the brand 
‘Xero’ to try and inspire trust and the other is a fake CityLink invoice.

The fake CityLink emails are a well-executed email scam trying to deceive recipients into thinking they have an outstanding fine requiring payment. You can see in the screenshot that the scammers are threatening that the recipient may receive a ‘fine from Victoria Police’ if they do not take action. Scammers use psychological tricks like this to increase their click rates...

>> Read more about the Fake Xero invoice scam, here.

>> Get all the details about the CityLink email scam, here. 


Think Twice Before Clicking

The scams we intercepted this week are leveraging a cybercrime technique known as 'brandjacking,' where well-known trademarks are ripped off to deceive scam victims.

There are some simple ways to reduce the risk of being tricked by brandjacking:

  • Watch out for emails that ask you to open or download files, especially if they are in .zip, .exe or .js format.
  • Spelling or grammatical mistakes in emails are often indications of a scam.
  • Never click on links in messages from unfamiliar senders.
  • If you’re unsure about a message’s legitimacy, don't click the link. Phone the company directly and ask about it, or type the companies web address directly into your browser.

>> More about brandjacking, here.


Protect Your Business

For a few dollars per staff member per month, you can protect your business with MailGuard's cloud-based email and web filtering security.

Talk to an expert at MailGuard today about making your company's network secure: 1300 30 44 30

Stay up-to-date with new posts on the MailGuard Blog by subscribing to free updates. Click on the button below:

Keep Informed with Weekly Updates




Topics: Cybersecurity email scams Threat Update weekly digest

Back to Blog


    Something Powerful

    Tell The Reader More

    The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.


    • Bullets are great
    • For spelling out benefits and
    • Turning visitors into leads.

    Recent Posts

    Posts by Topic

    see all