Breaking: High-volume malware attack thwarted

Posted by Jaclyn McRae on 31 August 2016 16:40:29 AEST

MailGuard is today blocking a large-scale run of email attacks aiming to implant malware with a single click.

Disguised as a reminder about an unpaid invoice from an ‘Accounts Payable’ worker, the generic email asks the recipient to arrange immediate payment of $38.50.

The email is not personally addressed to the recipient and has no contact name or company signature. The body text is the same for all recipients.



The email appears to be sent from a forged financial address. The scammers ask recipients to email an address matching the forged domain to confirm the payment has been made. 

The email includes a .zip attachment that appears to be the invoice. If clicked by a curious recipient, a javascript file downloads a Trojan from a remote location on the internet.

The javascript file is obfuscated in an attempt by the scammers to evade antivirus software.

MailGuard has blocked the attack today which targeted a large volume of customers.

Why is this type of email scam dangerous?

By clicking and running the executable files, you are allowing malware to be installed in the form of a Trojan.

Trojans sit quietly in the background, taking actions not authorised by the user, such as modifying, stealing, copying or even deleting data.

This type of malware is most dangerous because the user may not notice it running in the background until they are made aware: this can be weeks or even months after the event.

How can I protect myself from these types of email scams?

To reduce the risk of being tricked by one of these scams, immediately delete any emails that seem suspicious and ask you to download files or click any links within an email to access more information.


By employing a cloud-based email and web filtering solution such as MailGuard, you’ll reduce the risk of new variants of malicious email from entering your network.

Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update or follow us on social media.

Keep Informed with Weekly Updates

^ Back to Top

Topics: Cyber Criminals Malware email scam Email Spam Trojan Scam JavaScript invoice scam

Back to Blog


Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.


  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Recent Posts

Posts by Topic

see all