Do not be fooled if you receive a legitimate-looking email from eFax informing you of a new fax delivery. The email is a fraud and could possibly infect your computer.
Appearing via the display name ‘eFax’, the email actually comes from a large number of compromised WordPress websites.
It informs recipients that they have received a fax, and offers a link to view the fax. MailGuard understands the link leads to a malicious file download, although in some cases users are led to a blank page.
As can be observed from the screenshot of the scam email above, several measures have been adopted to trick the recipient into thinking the email is a legitimate one from eFax.
The branding of the company has been incorporated in the email, along with a reference number and the mention of eFax’s supposed website. All this has been done in an attempt to dupe people into viewing the above mentioned ‘new fax’ so they will click on the compromised link.
Such tactics are commonly adopted by cybercriminals looking to hack into computer systems. Brands such as the AFP and AGL have also recently fallen victim to such brandjacking.
Why are brand-impersonation scam emails so popular?
There are many factors. But in short, cybercriminals prefer to rely on the hard work of others.
By targeting popular brands, recipients are more likely to have a relationship or be familiar with the company or service being impersonated. That’s an instant foot in the door.
Why the risk extends beyond professionals who use eFax
eFax – and the companies that use this software – are innocent parties in this invoice scam.
But it’s not just direct customers at risk. Because the fraudulent email has been distributed so widely, it widens the net with regard to the number of people susceptible to the scam.
This presents a real risk – particularly for businesses that enable employees to check their personal email on work computers.
Effective cybersecurity requires a multi-layered strategy. For a few dollars per staff member per month, add MailGuard's predictive email security. You’ll significantly reduce the risk of malicious email entering your network.
Talk to an expert at MailGuard today about your company's cybersecurity needs: 1300 30 44 30
Stay up-to-date with new posts on the MailGuard Blog by subscribing to free updates. Click on the button below:
