Received unexpected documents via email? It might be a phishing scam

Posted by Akankasha Dewan on 23 August 2019 13:20:54 AEST

Getting an email notifying you that you’ve got new documents to view might intrigue and tempt you to explore further but think again before you click on any links.

MailGuard intercepted a phishing email masquerading as a new document sharing notification on the 23rd of August morning (AEST). This email scam is highly similar to the one intercepted yesterday purporting to be from an ‘account manager’.

The email infiltrated Australian inboxes from a single compromised email address. MailGuard understands that cybercriminals behind this scam have used the victim's email account to send the unsolicited messages. It uses a display name ‘Elite property group’ and is titled ‘Tenant/statement’.

While the body of the email is largely empty, it contains a text box instructing recipients in a short message ‘to view the documents’ along with a link to do so.

Here is a screenshot of the email:

email - 2308

Unsuspecting recipients who click the link to ‘view document’ are led to a fake login page incorporating Microsoft branding, as per the below:

login 2308


This is actually a phishing page designed to harvest confidential details of users. Once the form is submitted, the user is redirected to the real Microsoft login page.

Whilst MailGuard is stopping this email scam from reaching Australian businesses, we encourage all users to be extra vigilant against this kind of email and whatever happens, do not respond to it.

This email scam preys on curiosity of recipients who might not be expecting new documents motivating them to access the link as soon as possible.

While the actual phishing page utilises Microsoft’s branding elements in a bid to seem legitimate, several red flags appear in the actual email that would make any eagle-eyed recipient conscious of its inauthenticity. These include the lack of an actual message body. In addition, the recipient isn’t addressed directly.   

To reduce the risk of being tricked by one of these scams, you should immediately delete any emails that:

  • Appear to be from a well-known organisation, typically a bank or service provider and are not addressed to you by name and may include poor grammar.
  • Ask you to click on a link within the email body in order to access their website. If unsure call the company directly and ask whether the email is legitimate
  • Offer money, reward or gift to entice you to hand over your personal details
  • Ask you to submit personal information that the sender should already have access to or should not be requesting from you in the first place

Don't get scammed

If your company’s email accounts aren’t protected, emails like the one above are almost certainly being received by your staff.  Cybercriminals know people can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.

People are not machines; we're all capable of making bad judgement calls. Without email filtering protecting your business, it’s just a matter of time before someone in your organisation has a momentary lapse of judgement and clicks on the wrong thing.

For a few dollars per staff member per month, you can protect your business with MailGuard's predictive email security.
Talk to an expert at MailGuard today about making your company's network secure: click here.

Stay up-to-date with new posts on the MailGuard Blog by subscribing to free updates. Click on the button below:

Keep Informed with Weekly Updates



Topics: Xero

Back to Blog


Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.


  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Recent Posts

Posts by Topic

see all