Gabi Power 07 April 2022 11:06:06 AEST 4 MIN READ

Don’t Fret – Your Domain Server Isn’t Suddenly Blocking Emails

A new scam is now being intercepted and blocked by MailGuard, which claims that your domain server has stopped incoming emails and aims to steal your password. 

 The subject line reads “{ 7 New inbox messages Suspended }” and comes from “no-reply(at)sendover(dot)net”. The display names vary for each recipient depending on the users domain address (e.g. “”).  

 The header of the email again shows the users email’s domain address with the body of the email stating that “your email’s domain server has suddenly stopped the delivery of [ 7 ] new incoming inbox messages” and to “review your below session authentication” in order to retrieve the emails.  

 Here’s what the email looks like:  

{ 7 New inbox messages Suspended } - Mozilla Thunderbird_856

When a user clicks on the 'Review Authentication’ button, the individual is taken to a generic looking phishing page. There is no domain branding, and the URL directs to a page with the users email address, asking to enter their password.  

Mail _ Sign-in — Mozilla Firefox_855 copy

Once these credentials are entered and submitted, the attacker harvests them for later use, and the page is redirected to the users email address’s domain (e.g.  

When receiving emails such as this, remember to check the sender email address to see if it’s legitimate. Also keep an eye out for grammatical errors, or sentences which don’t flow naturally such as “review your below session authentication here”. If you’re still unsure, contact the domain host directly to check the email’s legitimacy before clicking any links, or entering any details.  

MailGuard strongly recommends all recipients of this email to delete it immediately without clicking on any links. Providing your personal details can result in your sensitive information being used for criminal activity and may have a severe negative impact on your business and its’ financial well-being.    

MailGuard urges users not to click links or open attachments within emails that:      

  • Are not addressed to you by name.      
  • Appear to be from a legitimate company but use poor English or omits personal details that a legitimate sender would include.      
  • Are from businesses that you were not expecting to hear from, and/or      
  • Take you to a landing page or website that is not the legitimate URL of the company the email is purporting to be sent from.     

One email is all that it takes     

All that it takes to devastate your business is a cleverly worded email message that can steal sensitive user credentials or disrupt your business operations. If scammers can trick one person in your company into clicking on a malicious link or attachment, they can gain access to your data or inflict damage on your business.     

For a few dollars per staff member per month, you can protect your business with MailGuard's predictive and advanced email security. Talk to a solution consultant at MailGuard today about securing your company's inboxes.  

Stay up-to-date with MailGuard's latest blog posts by subscribing to free updates. Subscribe to weekly updates by clicking on the button below.  

Keep Informed with Weekly Updates