Akankasha Dewan 18 October 2018 12:55:05 AEDT 2 MIN READ

Watch Out: Purchase order email scam links to malicious downloads

Do not be too quick to click everything you see in your inbox. Cybercriminals circulated a malicious email in the form of a fraudulent purchase order on Tuesday afternoon.

Emails, supposedly from ‘United Cranes & Rigging’ informed recipients of the delivery of a new purchase order from ‘***ASIC***’.

Titled ‘Purchase Orderd  ***ASIC***’, the body of the email included a number of the purchase order as well as a link to view the attached order.

 A screenshot of the email is below:

united-cranes-01

Unsuspecting users who clicked on the link to view the attached purchase order were led to a malicious .doc file download, containing macros.

MailGuard understands the document linked to the email included the ASIC logo as well as its branding. The document encouraged users to enable macros if they wished to edit and/or view the contents of the document.

ASIC macros document

Once the user enables the macros, the macros are understood to download another malicious file that infects the system.

MailGuard found the email was, in fact, sent from a compromised MailChimp account, which appears to belong to United Cranes & Rigging.

File attachments like the one used in this attack can infect victim’s computers with viruses, spyware, and crypto-jacking malware.

One email

Doing business online opens up opportunities for collaboration on an unprecedented level, but with that opportunity comes significant risk. Cybercriminals use simple scam emails to infiltrate organisations with malware and attack them from the inside. 

All criminals need to break into your business is a cleverly worded email. If they can trick one person in your company into clicking on a malicious link they can gain access to your data. 

For a few dollars per staff member per month, add MailGuard's cloud-based email filtering protection to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network. Talk to an expert at MailGuard today about your company's cybersecurity needs: expert@mailguard.com.au

Stay up-to-date with new posts on the MailGuard Blog by subscribing to our email updates. 

Keep Informed with Weekly Updates