Drivers targeted in fresh toll scam

Posted by Jaclyn McRae on 07 August 2017 16:29:34 AEST

A fake toll road invoice is targeting Queenslanders – and visitors to the state – with malware.

The realistic-looking ‘go via’ statement email started hitting inboxes on a large scale this morning.

The email advises that their tax invoice is available for download. But the ‘Download statement’ button hides a malicious JavaScript file.

Download_your_go_via_tax_invoice MailGuard Aug7-822695-edited.png

The domain used in the scam,, was registered in China early today – less than seven hours before the fake invoice began landing in inboxes.

It’s not the first time go via, which is responsible for toll roads in Queensland, has been used in an email scam.

The company’s website offers a security warning about go via-branded email scams.

“Anyone who has received this email should delete it immediately and ensure you do not click on any links provided,” the company advises.

“Customers with any queries regarding emails from go via or their account should contact us on 13 33 31.”

Tollway invoice fraud is on the rise this year, with a similar attempt impersonating NSW Roads and Maritime Services in June.

Tell-tale signs of email scams

  • Generic greetings, such as ‘Dear customer’
  • A sense of urgency: “Ensure your invoice is paid by the due date to avoid unnecessary fees”
  • Bad grammar or misuse of punctuation and poor-quality or distorted graphics (this attempt isn’t let down by bad grammar, making it more likely some people will take the bait).
  • An instruction to click a link to perform an action (hover over them to see where you’re really being directed)
  • Obscure sending addresses (for example, – go via’s real domain is

For a few dollars per staff member per month, add MailGuard's cloud-based email and web security to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network.

Keep Informed with Weekly Updates


^ Back to Top

Topics: Malware email scam Cybersecurity cybercrime Survivingcybercrime hoax email

Back to Blog


Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.


  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Recent Posts

Posts by Topic

see all