This festive season, think twice before receiving any gifts online. A payload email scam is currently masquerading as an e-Gift card for a massage.
The emails are sent using a MailChimp account belonging to ‘Australian Organisational Excellence Foundation’. Titled "Massage Gift for Client", they contain an image of a woman getting a massage.
The body of the email advises recipients that their e-Gift card is ready and contains a link to ‘Get Your Free Massage’. It directs recipients to print a document to redeem their free massage and provides a ‘passcode’ for accessing the document in the .zip archive available at the link.
The criminals behind such scams leverage on the festivities of the year-end period. They intentionally send promotional-based offers, such as free massages, as these are likely to be circulating in this festive season. This helps to boost the credibility of their emails.
Everybody loves to receive free gifts, and such type of scams also prey on recipients’ excitement to motivate them onto clicking on links without much thought.
What to do if you receive such emails
As a precaution, avoid clicking links in emails that:
- Are not addressed to you by name, have poor English or omit personal details that a legitimate sender would include
- Are from businesses you’re not expecting to hear from.
- Ask you to download any files
- Take you to a landing page or website that does not have the legitimate URL of the company the email is purporting to be sent from.
Don't get scammed
If your company’s email accounts aren’t protected, emails like the one above are almost certainly being received by your staff. Cybercriminals know people can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.
People are not machines; we're all capable of making bad judgement calls. Without email filtering protecting your business, it’s just a matter of time before someone in your organisation has a momentary lapse of judgement and clicks on the wrong thing.
For a few dollars per staff member per month, add MailGuard's cloud-based email and web filtering solution to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network. Talk to an expert at MailGuard today about your company's cybersecurity needs: firstname.lastname@example.org
Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update, or follow us on Twitter @MailGuard.