Watch Out: Purchase order email scam links to malicious downloads

Posted by Akankasha Dewan on 18 October 2018 12:55:05 AEDT

Do not be too quick to click everything you see in your inbox. Cybercriminals circulated a malicious email in the form of a fraudulent purchase order on Tuesday afternoon.

Emails, supposedly from ‘United Cranes & Rigging’ informed recipients of the delivery of a new purchase order from ‘***ASIC***’.

Titled ‘Purchase Orderd  ***ASIC***’, the body of the email included a number of the purchase order as well as a link to view the attached order.

 A screenshot of the email is below:


Unsuspecting users who clicked on the link to view the attached purchase order were led to a malicious .doc file download, containing macros.

MailGuard understands the document linked to the email included the ASIC logo as well as its branding. The document encouraged users to enable macros if they wished to edit and/or view the contents of the document.

ASIC macros document

Once the user enables the macros, the macros are understood to download another malicious file that infects the system.

MailGuard found the email was, in fact, sent from a compromised MailChimp account, which appears to belong to United Cranes & Rigging.

File attachments like the one used in this attack can infect victim’s computers with viruses, spyware, and crypto-jacking malware.

One email

Doing business online opens up opportunities for collaboration on an unprecedented level, but with that opportunity comes significant risk. Cybercriminals use simple scam emails to infiltrate organisations with malware and attack them from the inside. 

All criminals need to break into your business is a cleverly worded email. If they can trick one person in your company into clicking on a malicious link they can gain access to your data. 

For a few dollars per staff member per month, add MailGuard's cloud-based email filtering protection to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network. Talk to an expert at MailGuard today about your company's cybersecurity needs:

Stay up-to-date with new posts on the MailGuard Blog by subscribing to our email updates. 

Keep Informed with Weekly Updates


Topics: Cybersecurity email fraud cybercrime Threat Update emailscam

Back to Blog


Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.


  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Recent Posts

Posts by Topic

see all