Akankasha Dewan, 13 March 2020 15:21:20 AEDT

Phishing email impersonates Mailjet, claims your ‘payment has been declined’

A new phishing email scam has been intercepted by MailGuard, this time purporting to be sent from email marketing service Mailjet.

Using a display name of "Mailjet Customer Service", the email is titled ‘Action required: Update your payment information now’. However, the email address shown in the ‘From’ field is clearly not associated with Mailjet. This scam is actually sent from a compromised email account.

The message body contains the Mailjet logo and advises the recipient that the payment method used to purchase an account with Mailjet was declined. To avoid interruption of service, the recipient is advised to update their payment information. A link is provided to "Update Your Payment Information".

Here is a screenshot of the email:

[Screenshot of the phishing email]

Unsuspecting recipients who click on the above link are taken to a fake Mailjet-branded login page, as per below:

[Screenshot of the fake Mailjet-branded login page]

Upon ‘logging in’, recipients are redirected to the actual Mailjet login page. The sole purpose of this scam is to harvest users’ confidential details like their Mailjet email address and password. This can be dangerous because Mailjet is an email marketing tool used to send mass messages to large numbers of mailing lists with thousands of email addresses. Once cybercriminals gain access to any Mailjet account, they can send malicious emails to those mailing lists or even use those email addresses to send malicious messages. 

As the screenshots above show, the phishing pages are legitimate-looking copies of Mailjet pages. The cybercriminals have taken great pains to reproduce the exact colour scheme, logo, fonts and popular images commonly found on Mailjet pages, in a bid to convince the user that the email actually originates from the email marketing service.

In addition, the email contains several other techniques that are designed to trick recipients:

  • use of a major brand name to inspire false trust; the supposed ‘Mailjet Customer Service’ display name boosts the email's credibility,
  • inclusion, in the phishing pages, of ‘Terms of Use’ and ‘Sending Policy’ links that are typically expected of a well-established company, and
  • false urgency; a header in the subject line such as ‘Your payment has been declined’ creates a sense of panic and anxiety.

Despite these techniques to fool users into thinking the email is authentic, eagle-eyed recipients will spot red flags that point to its illegitimacy. These include several grammatical errors in the body of the email as well as the fact that the email domain in the ‘from’ field doesn’t belong to Mailjet.

Please share this alert with your social media network to help us make more people aware of the threat.

To protect your business against scams like this fake Mailjet-branded phishing email:

  • Beware of emails that contain grammatical or branding errors, but purport to be from reputable organisations.
  • Always hover your mouse over the links contained in emails in order to check their legitimacy – don’t click them unless you are sure they are safe.
  • To ensure safety, type the URL of the organisation you are intending to visit manually into your browser or navigate through Google search to find the correct website before entering your credentials.
  • Be particularly wary of emails asking you to supply personal details that the purported organisation should already know, especially those which ask for credit card or bank account details.
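
The two red flags described above, a brand display name on a non-brand ‘From’ domain and links that lead away from the brand's own site, can also be checked automatically. The Python below is an added example, not MailGuard's code; the allow-list of Mailjet domains and the sample message with its placeholder addresses are assumptions constructed for illustration.

```python
import email.policy
from email.utils import parseaddr
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: domains the brand really sends from and links to; maintain your own list.
BRAND_DOMAINS = {"mailjet": {"mailjet.com"}}

def in_domains(host, domains):
    """True if host is one of the domains or a subdomain of one (not a lookalike)."""
    host = (host or "").lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in domains)

class LinkCollector(HTMLParser):  # gathers the href of every <a> tag
    def __init__(self):
        super().__init__()
        self.hrefs = []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def red_flags(raw_message):
    """Return findings for brand impersonation in one RFC 5322 message."""
    msg = email.message_from_string(raw_message, policy=email.policy.default)
    display, addr = parseaddr(str(msg["From"] or ""))
    sender_domain = addr.rpartition("@")[2]
    findings = []
    for brand, domains in BRAND_DOMAINS.items():
        if brand not in display.lower():
            continue  # display name does not claim this brand
        if not in_domains(sender_domain, domains):
            findings.append(f"display name claims {brand} but sender domain is {sender_domain}")
        body = msg.get_body(preferencelist=("html",))
        collector = LinkCollector()
        collector.feed(body.get_content() if body else "")
        for href in collector.hrefs:
            host = urlsplit(href).hostname
            if host and not in_domains(host, domains):
                findings.append(f"link points to {host}, not a {brand} domain")
    return findings

# Constructed sample modelled on the email described above (placeholder domains).
SAMPLE = """\
From: "Mailjet Customer Service" <accounts@compromised.example>
Subject: Action required: Update your payment information now
Content-Type: text/html; charset="utf-8"

<a href="https://login.phish.example/mailjet">Update Your Payment Information</a>
<a href="https://www.mailjet.com/">Terms of Use</a>
"""
```

Calling `red_flags(SAMPLE)` returns one finding for the sender domain and one for the "Update Your Payment Information" link; the link to the brand's own domain is not flagged.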

MailGuard urges all recipients of this email to delete it immediately without clicking on any links.

Don't get scammed

If your company’s email accounts aren’t protected, emails like the one above are almost certainly being received by your staff. Cybercriminals know people can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.

People are not machines; we're all capable of making bad judgement calls. Without email filtering protecting your business, it’s just a matter of time before someone in your organisation has a momentary lapse of judgement and clicks on the wrong thing.

One email is all that it takes

All that it takes to break into your business is a cleverly-worded email message. If scammers can trick one person in your company into clicking on a malicious link they can gain access to your data.

For a few dollars per staff member per month, you can protect your business with MailGuard's predictive and advanced email security.

Talk to a solution consultant at MailGuard today about securing your company's network.
