MailGuard Blog — Breaking alerts, news and updates on cybersecurity topics

Generic invoice email is a phishing scam

Written by Akankasha Dewan | 22 November 2018 05:41:49 Z

MailGuard has intercepted a generic invoice email that leads to a phishing page. 

This email is not a very well designed attack compared to some of the more sophisticated scams we see here at MailGuard. The email is in a plain text format and contains grammatical errors; a red flag to anyone conscious of email security concerns. It directs recipients to click on an attached invoice and contains reference numbers of the invoice.  

There are 2 subjects used in this phishing email attack:

  • ‘Please overdue statement and remit payment at your earliest!’
  • ‘Incoming New-Invoice Received’

Here is a screenshot of the email with the first subject line:

And here is the second:

Using a display name of the ‘Accounts Dept’, the body of both emails contain no text other than the signature of the compromised account. The designation mentioned in the signature is ‘Accounting Manager’.

Both emails have a .pdf file attached, which includes a link to ‘view file’.

This link leads to an Office 365 phishing page, requesting users to enter their email address and password to view the file.

This invoice-related phishing scam is a good reminder of how innocent-looking, plain emails can, in fact, be malicious. As simple as they may seem, these attacks are happening all too regularly, and with devastating effect. Not only can they gain access to confidential data of individual employees and firms, they can, ultimately, inflict significant financial and reputational damage on an organisation.

Tell-tale signs of phishing scams

  • A sense of urgency
  • Bad grammar or misuse of punctuation and poor-quality or distorted graphics
  • An instruction to click a link to perform an action (hover over them to see where you’re really being directed)
  • Obscure sending addresses (for example, Hotmail, gmail, Yahoo addresses should set alarms bells ringing)

Don't get scammed

If your company’s email accounts aren’t protected, emails like the one above are almost certainly being received by your staff.  Cybercriminals know people can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.

People are not machines; we're all capable of making bad judgement calls. Without email filtering protecting your business, it’s just a matter of time before someone in your organisation has a momentary lapse of judgement and clicks on the wrong thing.

For a few dollars per staff member per month, add MailGuard's cloud-based email and web filtering solution to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network. Talk to an expert at MailGuard today about your company's cybersecurity needs: expert@mailguard.com.au

Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update, or follow us on Twitter @MailGuard.

 

^ Back to Top
View full post