A new e-ticket infringement email scam has been landing in inboxes throughout today. Starting late in the morning AEST, the run continued for several hours with a display name ‘Anna POL #6635’ and display address of ‘strathmorecc(at)live(dot)com(dot)au’
The scam uses compromised MailChimp accounts to distribute a malicious ZIP file. This is a tactic that is becoming more prevalent. Because the accounts are legitimate, it is difficult for anti-virus and email scanners to identify and block the initial email run.
Tell-tale signs of email scams
- Generic greetings, such as ‘Dear customer’
- A sense of urgency: “Ensure your invoice is paid by the due date to avoid unnecessary fees”
- Bad grammar or misuse of punctuation and poor-quality or distorted graphics (this attempt isn’t let down by bad grammar, making it more likely some people will take the bait).
- An instruction to click a link to perform an action (hover over them to see where you’re really being directed)
- Obscure sending addresses (for example, goviau.co – go via’s real domain is http://govianetwork.com.au/)
For a few dollars per staff member per month, add MailGuard's cloud-based email and web security to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network.