eFax becomes latest victim of brandjacking

Posted by Akankasha Dewan on 15 October 2018 15:40:42 AEDT

Do not be fooled if you receive a legitimate-looking email from eFax informing you of a new fax delivery. The email is a fraud and could possibly infect your computer.

Appearing via the display name ‘eFax’, the email actually comes from a large number of compromised WordPress websites.

It informs recipients that they have received a fax, and offers a link to view the fax. MailGuard understands the link leads to a malicious file download, although in some cases users are led to a blank page.

E-Fax email scam blog 

As can be observed from the screenshot of the scam email above, several measures have been adopted to trick the recipient into thinking the email is a legitimate one from eFax.

The branding of the company has been incorporated in the email, along with a reference number and the mention of eFax’s supposed website. All this has been done in an attempt to dupe people into viewing the above mentioned ‘new fax’ so they will click on the compromised link.

Such tactics are commonly adopted by cybercriminals looking to hack into computer systems. Brands such as the AFP and AGL have also recently fallen victim to such brandjacking.

Why are brand-impersonation scam emails so popular?

There are many factors. But in short, cybercriminals prefer to rely on the hard work of others.

By targeting popular brands, recipients are more likely to have a relationship or be familiar with the company or service being impersonated. That’s an instant foot in the door. 

Why the risk extends beyond professionals who use eFax

eFax – and the companies that use this software – are innocent parties in this invoice scam.

But it’s not just direct customers at risk. Because the fraudulent email has been distributed so widely, it widens the net with regard to the number of people susceptible to the scam.

This presents a real risk – particularly for businesses that enable employees to check their personal email on work computers.

Effective cybersecurity requires a multi-layered strategy. For a few dollars per staff member per month, add MailGuard's predictive email security. You’ll significantly reduce the risk of malicious email entering your network.

Talk to an expert at MailGuard today about your company's cybersecurity needs: 1300 30 44 30

Stay up-to-date with new posts on the MailGuard Blog by subscribing to free updates. Click on the button below:

Keep Informed with Weekly Updates



Topics: Phishing brand exploitation brandjacking email scams Threat Update

Back to Blog


Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.


  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Recent Posts

Posts by Topic

see all