MailGuard has detected a new email-borne malware attack brandjacking Enviro Sweep, a South Australia based company that provides sanitation services.
The malicious email takes the form of a fake invoice notification, as shown in the screenshot above. The message comes with a .pdf attachment titled ‘tax invoice,’ which contains a link to a malware file - see below:
The sender display name on this scam message is ‘Gary Taylor,’ with the sender address ‘firstname.lastname@example.org’
This appears to be an actual Enviro Sweep email address, which suggests that Enviro Sweep may have been hacked and had their email services exploited by the fraudsters behind this scam.
Please help us alert people to this scam by sharing our warning on Twitter and your other social networks.
Latest #brandjacking scam: Simple text email links to a PDF and malicious (dot)exe file. The domain envirosweep(dot)com(dot)au appears to be compromised. More details to be published on our blog: https://t.co/gCXrVPjRO8 #ZeroDay #EmailScam #Phishing #Cybercrime pic.twitter.com/6HGlD69ON3— MailGuard (@MailGuard) March 6, 2018
Defend your inbox
New email scams are appearing every day. Don’t wait until it happens to your business; take action to protect your company from financial and reputational damage, now.
Effective cybersecurity requires a multi-layered strategy. For a few dollars per staff member per month, add MailGuard's predictive email security. You’ll significantly reduce the risk of malicious email entering your network. Talk to an expert at MailGuard today about your company's cybersecurity needs: 1300 30 44 30
Stay up-to-date with new posts on the MailGuard Blog by subscribing to free updates. Click on the button below: