Emmanuel Marshall 18 January 2018 15:13:00 AEDT 1 MIN READ

Fake Invoice Scam: Don't Click on JavaScript Files


MailGuard has detected a fake invoice email linking to JavaScript malware stored on a Zoho Docs service.

The sender display name is ‘Asset Associated Air Pty Ltd’ and the fraudsters behind this email have used fake Quickbooks branding to try and convince people it’s a legitimate message (see image above).

The objective of this kind of generic invoice scams is to get an unwary recipient to click on the view invoice button and open the linked file. The JavaScript contained in the file is a ‘dropper,’ which covertly installs a virus or trojan of some sort onto the infected computer.

Scammers use droppers to install spyware, keyloggers, worms and ransomware onto their victim’s devices.

If you see this email arrive in your inbox, delete it immediately to avoid harm to your system.

 

Make Your Inbox Safe


All criminals need to break into your business is a cleverly worded email. If they can trick one person in your company into clicking on a malicious link they can install malware on your computer system and gain access to your data.

For a few dollars per staff member per month, you can protect your business with MailGuard's cloud-based email and web filtering security.


Talk to an expert at MailGuard today about making your company's network secure: click here.

 

Stay up-to-date with new posts on the MailGuard Blog by subscribing to free updates. Click on the button below:

Keep Informed with Weekly Updates