Fraudulent invoice email impersonates MYOB

Posted by Akankasha Dewan on 09 November 2018 11:47:23 AEDT

You can never be too careful when clicking on any links or attachments sent via email, even if the sender purports to be someone from an established and well-known company.

MailGuard intercepted an invoice email scam which uses multiple display names of legitimate companies on Thursday morning AEST.

The email included an invoice purportedly issued by MYOB. The well-known accounting software company’s logo and branding were incorporated by cybercriminals within the body of the email.

Sent from one of many hijacked company names, the email informs users that their invoice in due in 3 days.

MYOB email scam

A link is provided to view the invoice, which leads to either an offline webpage (404), or a blank page. MailGuard suspects that these pages host either a phishing page or a malicious payload. The emails actually come from multiple compromised email accounts.

Why are brand-impersonation scam emails so popular?

There are many factors. But in short, cybercriminals prefer to rely on the hard work of others.

By targeting popular brands, recipients are more likely to have a relationship with the company being impersonated. That’s an instant foot in the door. In this case, cybercriminals used familiar display names to send hoax invoices supposedly generated by MYOB.

Here’s some more information on why online criminals hide behind trusted brands.

Why the risk extends beyond professionals who use MYOB

MYOB – and the companies that use this software – are innocent parties in this invoice scam.

But it’s not just direct customers at risk. Because the fraudulent email has been distributed so widely, it widens the net with regard to the number of people susceptible to the scam.

All that criminals need to break into your business is a cleverly worded email. If they can trick one person in your company into clicking on a malicious link they can gain access to your data.

For a few dollars per staff member per month, add MailGuard's cloud-based email and web filtering solution to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network. Talk to an expert at MailGuard today about your company's cybersecurity needs:

Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update, or follow us on Twitter @MailGuard.

Keep Informed with Weekly Updates


^ Back to Top

Topics: Phishing email scam Cybersecurity cybercrime

Back to Blog


Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.


  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Recent Posts

Posts by Topic

see all