Fake eBay invoice scam linking to malware

Posted by Emmanuel Marshall on 28 February 2018 09:41:51 AEDT


MailGuard has detected a new criminal-intent email linking to malware. This scam message exploits fake eBay branding to deceive victims into downloading a harmful file.

As shown in the screenshot above, this scam is designed to look like an invoice from eBay. The ‘view invoice’ link button in the message points to an archived file which contains JavaScript malware.

Scammers use cleverly designed fake messages like this one to deliver all sorts of malware including viruses, ransomware and spyware.
The fraudulent use of eBay’s branding helps the scam message seem more trustworthy, and looking at how well put together this scam is, it’s not hard to imagine that this email will deceive a lot of people.

Use of big brand-names by scammers is known as ‘brandjacking’; it’s a very successful technique for cybercriminals because a lot of people will feel safe clicking on a message that appears to come from a trusted company.
Read more about brandjacking, here.

Another way scammers try to make their emails look more realistic is by using sender domains that look like real company URLs. You can see in the screenshot of the message that the sending domain ‘ebayonlinesale.com’ looks quite convincing, but actually this domain was just registered yesterday in China, probably for the specific purpose of this scam.

If you see this message in your inbox, please delete it immediately. JavaScript malware scams like this can cause major virus infections that are very damaging to computer systems and extremely costly.

 

Protect Your Inbox


9 out of 10 cyber-attacks are delivered via email, so it's essential to have the best filtering service available. 

For a few dollars per staff member per month, you can have the peace of mind of MailGuard's comprehensive cloud-based email and web filtering. You’ll significantly reduce the risk of zero-day (previously unknown) threats and stop new variants of malicious email from entering your network.

Keep up to date on the latest scams by subscribing to MailGuard updates or follow us on social media.

If you’re experiencing problems with email scams you can speak to one of MailGuard's cloud security specialists right now on 1300 30 44 30 

 

 

Back to Blog

Comments:


    Something Powerful

    Tell The Reader More

    The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.

    Remember:

    • Bullets are great
    • For spelling out benefits and
    • Turning visitors into leads.

    Recent Posts

    Posts by Topic

    see all