In a cyber-attack that is still ongoing, cyber criminals are mimicking leading accounting software brand MYOB, delivering fake invoices to unsuspecting email recipients. The large-scale attack was first blocked by MailGuard early on Tuesday AEST.
The well formatted HTML email looks legitimate, and comes from a variety of different businesses, with a link to an MYOB invoice. The email claims that payment of the invoice is due shortly on 20 October.
By clicking the link, unsuspecting users are directed to a compromised SharePoint (One Drive) site that hosts a malicious ZIP, which MailGuard suspects contains a Trojan downloader.
At the time of writing, no other vendors are detecting this scam as malicious.
Avoid being duped:
Be very suspicious of any emails that seem awry – either because of lack of customisations (e.g. a generic salutation), ill-timing or if you are not expecting correspondence or an invoice from a particular organization.
For a few dollars per staff member per month, add MailGuard's cloud-based email and web filtering to your business security. You’ll significantly reduce the risk of zero-day (previously unknown) threats and stop new variants of malicious email from entering your network.