Don’t panic if you receive an email supposedly from Mailgun Technologies and/or SendGrid claiming that your account services are going to be suspended.
These emails are part of a phishing email scam designed to harvest your confidential data.
Emails spoofing SendGrid are infiltrating inboxes using a display name of “Sendgrid Support”. They also show a SendGrid email address within the message from. This display name used by the phishing emails purporting to be from Mailgun is "Sam at Mailgun", with a legitimate Mailgun address within the message from. The envelope sender for both email scams are from a suspicious domain, "buisness-wizard.com".
Both emails indicate that the recipient’s service / account is suspended or about to be. Their body states that the recipient must make a payment to continue using their account. A link is provided to go to their account page to correct the issue with their account.
Here are screenshots of both the emails:
Unsuspecting recipients who click on the link to rectify the issue are led to a replica of Mailgun or SendGrid’s actual login page. Once they complete the login page, they are redirected to the relevant service’s legitimate login page.
Here are screenshots of the replica pages:
Whilst MailGuard is stopping this email scam from reaching Australian businesses, we encourage all users to be extra vigilant against this kind of email and whatever happens, do not open or click on it.
As you can see from the screenshots above, cybercriminals have attempted to boost the credibility of this email scam by incorporating Mailgun & SendGrid’s logos and branding using high quality graphical elements.
Despite this attempt, eagle-eyed recipients would be able to identify the inauthenticity of the emails due to several red flags. These include the fact that the recipient isn’t directly addressed in the email.
Phishing continues to be one of the most prevalent forms of cyber-crime. The vast majority of online scams - more than 90% - are perpetrated using email, so it’s wise to always be skeptical of messages from unfamiliar senders asking you to log into your accounts.
What to look out for
As a precaution, avoid clicking links in emails that:
- Are not addressed to you by name, have poor English or omit personal details that a legitimate sender would include (e.g. – tracking ID).
- Are from businesses you’re not expecting to hear from.
- Ask you to download any files or messages, including audio notes.
- Take you to a landing page or website that does not have the legitimate URL of the company the email is purporting to be sent from.
Whilst MailGuard is stopping this email scam from reaching Australian businesses, we encourage all users to be extra vigilant against this kind of email and whatever happens, do not open or click them.
Don't get scammed
If your company’s email accounts aren’t protected, emails like the one above are almost certainly being received by your staff. Cybercriminals know people can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.
People are not machines; we're all capable of making bad judgement calls. Without email filtering protecting your business, it’s just a matter of time before someone in your organisation has a momentary lapse of judgement and clicks on the wrong thing.
Is your business receiving criminal intent emails?
It's time to get the protection your business needs.
Cybercriminals use email scams to infiltrate organisations with malware and attack them from the inside. All criminals need to break into your business is a cleverly-worded message. If they can trick one person in your company into clicking on a malicious link they can gain access to your data.
Speak to the MailGuard team today to learn more how MailGuard's predictive and advanced email security can help protect your business for a few dollars per staff member per month.
Talk to a solution consultant at MailGuard today about securing your company's network.
Why not stay up-to-date with MailGuard's latest blog posts by subscribing to free updates? Subscribe to weekly updates by clicking on the button below.