There’s a nasty email scam out today that’s impersonating an Australian wedding photography company; 'Corral Photography.'
MailGuard has detected a batch of scam emails that are designed to look like invoice notifications from the photographer and contain a ‘view invoice’ link which directs the victim of the scam to a file containing malware - see screenshot, above.
The malicious emails are being sent from a compromised MailChimp account and display a variety of sender addresses:
- From: Corral LLC <firstname.lastname@example.org>
- From: Corral Photography LLC <email@example.com>
- From: InvoiceDetailsm <firstname.lastname@example.org>
The fact that the sender address domains use the URL ‘corralphotography.com.au’ suggests that the compromised MailChimp account may actually belong to Corral Photography, although it has not been confirmed at this time.
Corral Photography has Tweeted this morning warning their clients about the scam using their name:
I have just received numerous calls about bogus invoice spam that seemed to come from me. Please ignore and delete. Apologies for anyone receiving it.— Ronald Corral (@corralphotog) March 12, 2018
MailGuard is communicating with the management of Corral Photography to make them aware of the details of this attack.
Please share this post on your social networks and help us warn people about this scam.
Doing business online opens up opportunities for collaboration on an unprecedented level, but with that opportunity comes significant risk. Cybercriminals use simple scam emails to infiltrate organisations with malware and attack them from the inside.
All criminals need to break into your business is a cleverly worded email; if they can trick one person in your company into clicking on a malicious link they can gain access to your data.
For a few dollars per staff member per month, you can protect your business with MailGuard's predictive email security.
Talk to an expert at MailGuard today about making your company's network secure: click here.
Stay up-to-date with new posts on the MailGuard Blog by subscribing to free updates. Click on the button below: