Daniel McShanag 26 September 2018 16:20:09 AEST 2 MIN READ

Beware of fraudulent eTicket email scam

In the biggest week of football finals, and coinciding with a surge in upcoming seasonal events, comes the latest email scam that invites recipients to ‘Download and Print Your eTickets.’

The email is a scam emanating from compromised MailChimp accounts. 


Anyone that unwittingly clicks the link reading ‘Click here to download and print your tickets’ will initiate a .ZIP file download containing a malicious JavaScript file.

To further disguise their intentions, the criminals behind the attack have changed the sender to ‘E-Ticket.’

The names of the compromised companies that the MailChimp accounts belong to can be seen in the ‘from address’ and the email ‘signature,’ although the email address is obscured in this image to protect the companies that are innocently embroiled in the scam.  

How can I protect myself from these types of email scams?

  • Check who it was sent by. Examine the sender or reply-to address and check that it hasn’t been sent from a similar, but recently-registered domain.
  • Be alert for strange sentence structure, or phrasing uncommon to the apparent sender.
  • Never sidestep formal processes for payments. If in doubt, ring the apparent sender. If they’re not available, wait until they are. A funds transfer is better to arrive later than to be lost without a trace to an overseas cybercriminal.
  • Implement scam-proof approvals processes for financial transfers such as two-factor authentication, which requires two employees to sign off on wire transfers
  • Education is imperative. Teach staff and employees what fraudulent emails look like. 
  • Ensure your email security is up to scratch. A cloud-based, threat detection service such as MailGuard will protect your staff in real-time from targeted attacks, without the dangerous time-lag common with signature-based antivirus vendors.


Click here to download your free executive guide, Surviving the Rise of Cybercrime, by MailGuard CEO and founder Craig McDonald.


Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update, or follow us on Twitter @MailGuard.

Keep Informed with Weekly Updates


^ Back to Top