Emmanuel Marshall 06 March 2018 15:22:39 AEDT 2 MIN READ

Fake Enviro Sweep tax invoice used in email scam


MailGuard has detected a new email-borne malware attack brandjacking Enviro Sweep, a South Australia based company that provides sanitation services.

The malicious email takes the form of a fake invoice notification, as shown in the screenshot above. The message comes with a .pdf attachment titled ‘tax invoice,’ which contains a link to a malware file - see below:

180306-tax-invoice-2.jpg


The sender display name on this scam message is ‘Gary Taylor,’ with the sender address ‘gtaylor@envirosweep.com.au

This appears to be an actual Enviro Sweep email address, which suggests that Enviro Sweep may have been hacked and had their email services exploited by the fraudsters behind this scam.

Please help us alert people to this scam by sharing our warning on Twitter and your other social networks.