Daniel McShanag 24 April 2019 14:35:51 AEST 2 MIN READ

Box email scam mimics business file-sharing platform

Box, a popular cloud-based file sharing and collaboration platform for business, is the subject of the latest brandjacking email that started landing in inboxes Tuesday (AEST).

The official www.box.com website claims that ‘Box lets you securely manage, share and access your content from anywhere. Box is how the most demanding enterprises drive digital transformation. Online Collaboration. Enterprise Grade Security.’

Sneaky cybercriminals are trading on the good reputation of Box, by impersonating them with an email that purports to be a file shared by a business associate using the platform. An example of the well formatted email, which accurately represents the brand, is below.


In actual fact, the download contains a link to a phishing site that has been designed to harvest sensitive information and passwords from unsuspecting users. MailGuard urges all email users to be vigilant when accessing their inboxes, and to look out for tell-tale signs of malicious emails.

How can I protect myself from these types of email scams?

To reduce the risk of being tricked by one of these scams, you should immediately delete any emails that:
• Seem suspicious and ask you to download files or click any links within an email to access your account or other information.
• Are purporting to be from businesses you may know and trust, yet use language that is not consistent with the way they usually write (including grammatical errors)
• Ask you to click on a link within the email body in order to access their website. If unsure call the company/person directly and ask whether the email is legitimate.

Don't get scammed

If your company’s email accounts aren’t protected, emails like the one above are almost certainly being received by your staff.  Cybercriminals know people can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.

People are not machines; we're all capable of making bad judgement calls. Without email filtering protecting your business, it’s just a matter of time before someone in your organisation has a momentary lapse of judgement and clicks on the wrong thing.

For a few dollars per staff member per month, add MailGuard's cloud-based email and web filtering solution to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network. Talk to an expert at MailGuard today about your company's cybersecurity needs: expert@mailguard.com.au

Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update, or follow us on Twitter @MailGuard.

Keep Informed with Weekly Updates


^ Back to Top