If you get this simple looking little email in your inbox, don’t click on the link and open the .doc file it points to.
Although the scammers that sent it tried to make it look like a GIO Insurance notification, the sole purpose of this innocent-looking little message is to deliver malware. The .doc file contains hidden code that will deliver malicious software to the victim’s computer in the background, without their knowledge.
There are 2 different sender display addresses associated with this attack:
- “From: GIO Insurance insurane@nufloor.com.au”
- “From: GIO Insurance postmaster@emilac.com”
Checking the sender addresses on scam messages like this one is one way to help identify that they are fakes.
Please help us to make people aware of this cyber-attack by sharing it on your twitter feed:
#ZERODAY #FASTBREAK Simple plain text email with a Google doc link goes to a malicious Word file. Sent from 2 different addresses: insurane(at)nufloor(dot)com(dot)au and postmaster(at)emilac(dot)com https://t.co/vju7CjsCGH#EmailScam #Phishing @scamwatch_gov @GIOInsurance pic.twitter.com/1D0tte9aWz
— MailGuard (@MailGuard) April 26, 2018
This message is an example of brandjacking; a scam format that uses the names of well-known companies to hide the intentions of malicious emails.
You can read more about brandjacking in an excellent article by MailGuard CEO Craig McDonald: read it here.
Brandjacking
If your company’s email accounts aren’t protected, brandjacking emails are almost certainly being received by your staff. Cybercriminals know we can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.
People aren't machines; we're all capable of making bad judgement calls. Without email filtering protecting your business, it’s just a matter of time before someone in your organisation has a momentary lapse of judgement and clicks on the wrong thing.
For a few dollars per staff member per month, you can protect your business with MailGuard's predictive email security.
Talk to an expert at MailGuard today about making your company's network secure: click here.
Stay up-to-date with new posts on the MailGuard Blog by subscribing to free updates. Click on the button below:
