MailGuard is detecting criminal intent emails designed to look like MYOB invoice notifications from a company called Craftedeals.
The messages contain a ‘view invoice’ button that actually links to a JavaScript malware file.
You can see in the screenshot of the message, above, that this scam email is quite well formatted and used MYOB branding to make it look more convincing.
The displayed sender email address is account@craftedeals.com.au - which is the real compromised company email account of Craftedeals.
The company that the message claims to come from - Craftedeals - has apparently been hacked today. The scammers behind this attack are exploiting the Craftedeals email account to send out their malicious messages without the company's consent.
Craftedeals issued a statement on Facebook this morning acknowledging the breach of their system and warning recipients of these scam messages not to open them - see Facebook screenshot below:
MailGuard has protected our client’s inboxes from this criminal-intent email but this message will still reach a lot of people who are not MailGuard clients.
If you see this message in your inbox, please delete it and avoid damage to your computer.
The kind of JavaScript malware this message links to can be very harmful, and could have the potential to hijack or disable victim’s computer systems.
Protect Your Inbox
MailGuard has reched out to Craftedeals today and offered them support dealing with their hacking incident.
Email account hacks of this kind can be extremely damaging and costly to a business, so it's essential to have the best filtering service available.
For a few dollars per staff member per month, you can have the peace of mind of MailGuard's comprehensive cloud-based email and web filtering. You’ll significantly reduce the risk of zero-day (previously unknown) threats and stop new variants of malicious email from entering your network.
If you’re experiencing problems with email scams you can speak to one of MailGuard's cloud security specialists right now on 1300 30 44 30
