The fake Origin Energy bill notice in the screenshot above is an example of a new email scam that is targeting inboxes today.
The scam email message invites recipients to view their bill online, but the .doc file the link points to is infected with hidden malware.
#ZERODAY #Breaking #Phishing scam detected by @MailGuard — Well-formatted HTML email #brandjacks Origin Energy, links to malicious Word document payload. Sender address is noreply(at)chesenergy(dot)com#EmailScam #Phishing #MailGuard #CyberSecurity #CyberCrime @originenergy pic.twitter.com/Bsn5JhNoqa
— MailGuard (@MailGuard) April 12, 2018
Energy companies, telcos, banks, media companies and online business platforms are some of the most commonly brandjacked industry categories.
Origin Energy is regularly imitated by scammers looking to trick people into clicking on their malicious emails. As recently as last month MailGuard detected another email scam abusing the Origin trademark.
There is a growing problem emerging of template based scams of this kind. Known as Malware-as-a-service (MaaS) scams, attacks like this are based on DIY kits sold on the dark web for a few hundred dollars. MaaS kits include email templates and malware code that enable even criminals with minimal technical skill to perpetrate scams.
> Read more about MaaS scam kits, here.
Brandjacking
If your company’s email accounts aren’t protected, brandjacking emails are almost certainly being received by your staff. Cybercriminals know we can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.
People are not machines; we are all capable of making bad judgement calls. Without email filtering protecting your business, it’s just a matter of time before someone in your organisation has a momentary lapse of judgement and clicks on the wrong thing.
For a few dollars per staff member per month, you can protect your business with MailGuard's predictive email security.
Talk to an expert at MailGuard today about making your company's network secure: click here.
Stay up-to-date with new posts on the MailGuard Blog by subscribing to free updates. Click on the button below:
