MailGuard has detected an email scam today using fake Origin branding to make it look like an electricity bill notification.
As you can see in the screenshot above, this is a well-designed scam message. The criminals behind this attack have gone to the trouble of registering 4 new domains and using them as email sender domains to make their emails look more legitimate:
- From: "Origin Energy" <firstname.lastname@example.org>
- From: "Origin Energy" <email@example.com>
- From: "Origin Energy" <firstname.lastname@example.org>
- From: "Origin Energy" <email@example.com>
The email contains a “view bill” link button and although it isn’t clear at this time what type of malicious content this email links to, MailGuard suspects it is a virus download of some sort.
Essentially, brandjacking is a kind of forgery; scammers exploit the trademarks of well-known companies to deceive their victims and gain their trust.
In a typical brandjacking scam, criminals create email templates that look like messages from big companies and send them out wholesale to millions of recipients. When the scam messages show up in victim’s inboxes they feel safe opening them, because they look like legitimate emails from familiar companies.
Some common brandjacking formats are fake invoice notifications or requests for account verification.
Read more about brandjacking, here.
Stop scam email:
If your company’s email accounts aren’t protected, criminal-intent emails are almost certainly being received by your staff. Cybercriminals know we can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.
People are not machines; we are all capable of making bad judgement calls. Without email filtering protecting your business, it’s just a matter of time before someone in your organisation has a momentary lapse of judgement and clicks on the wrong thing.
For a few dollars per staff member per month, you can protect your business with MailGuard's predictive email security.
Talk to an expert at MailGuard today about making your company's network secure: click here.
Stay up-to-date with new posts on the MailGuard Blog by subscribing to free updates. Click on the button below: