Massage e-Gift email contains a malicious payload

Posted by Akankasha Dewan on 22 November 2018 16:31:51 AEDT

This festive season, think twice before receiving any gifts online. A payload email scam is currently masquerading as an e-Gift card for a massage.

The emails are sent using a MailChimp account belonging to ‘Australian Organisational Excellence Foundation’. Titled "Massage Gift for Client", they contain an image of a woman getting a massage.

The body of the email advises recipients that their e-Gift card is ready and contains a link to ‘Get Your Free Massage’. It directs recipients to print a document to redeem their free massage and provides a ‘passcode’ for accessing the document in the .zip archive available at the link.

 Massage Payload Scam Social Image

Unsuspecting recipients who click on the link are led to a Google Drive hosted .zip archive, which contains a malicious JavaScript file designed to infect users’ computers.

Using a password protected .zip archive is tactic employed by cybercriminals to prevent detection, as the JavaScript file within the archive cannot be accessed and scanned. Consequentially, it becomes tougher for anti-virus scans to return a result.

The criminals behind such scams leverage on the festivities of the year-end period. They intentionally send promotional-based offers, such as free massages, as these are likely to be circulating in this festive season. This helps to boost the credibility of their emails.

Everybody loves to receive free gifts, and such type of scams also prey on recipients’ excitement to motivate them onto clicking on links without much thought.

What to do if you receive such emails

As a precaution, avoid clicking links in emails that:

  • Are not addressed to you by name, have poor English or omit personal details that a legitimate sender would include
  • Are from businesses you’re not expecting to hear from.
  • Ask you to download any files
  • Take you to a landing page or website that does not have the legitimate URL of the company the email is purporting to be sent from.

Don't get scammed

If your company’s email accounts aren’t protected, emails like the one above are almost certainly being received by your staff.  Cybercriminals know people can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.

People are not machines; we're all capable of making bad judgement calls. Without email filtering protecting your business, it’s just a matter of time before someone in your organisation has a momentary lapse of judgement and clicks on the wrong thing.

For a few dollars per staff member per month, add MailGuard's cloud-based email and web filtering solution to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network. Talk to an expert at MailGuard today about your company's cybersecurity needs: expert@mailguard.com.au

Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update, or follow us on Twitter @MailGuard.

Keep Informed with Weekly Updates

 

^ Back to Top

Topics: cybercrime Cybersecurity email scam Malicious payload

Back to Blog

Comments:


Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.

Remember:

  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Recent Posts

Posts by Topic

see all