Fake Suncorp emails in new brandjacking scam

Posted by Emmanuel Marshall on 29 January 2018 12:05:19 AEDT

MailGuard has detected a new email scam involving a fake Suncorp wire transfer notification.

The email subject line reads ‘the wire transfer can not be processed.’

The message goes on to inform the recipient that ‘the detailed information regarding this transfer is on the link.’

As can be seen in the screenshot above, at the end of the message there is a text link reading ‘wire transfer details.’ This link doesn't actually go to a real document; it points to a malicious JavaScript file.

JavaScript malware can be designed to perform a wide range of harmful operations, and scammers routinely use files of this type to install spyware and viruses.

There are a few indications that this message is not legitimate.
Most notable are the poor grammar in the message and the sender address - issupport[at]australiantenders[dot]com - which has no relation to Suncorp.

‘Brandjacking’ messages like this one use the prominently displayed logos of big companies to try and trick recipients. Although the message is poorly written and does not come from a legitimate Suncorp email address, the use of the Suncorp logo might be enough to persuade some people to click on the link without thinking.

Brandjacking is a very common ploy in email scams, so it’s very important to always verify the authenticity of messages in your inbox before opening them.


Think before you click

  • Always hover your mouse over links within emails and check the domain they’re pointing to. If they look suspicious or unfamiliar don’t open them.
  • 9 out of 10 cyber-attacks are delivered via email, so it's essential to have the best filtering service available. 
  • For a few dollars per staff member per month, you can have the peace of mind of MailGuard's comprehensive cloud-based email and web filtering. You’ll significantly reduce the risk of zero-day (previously unknown) threats and stop new variants of malicious email from entering your network.
  • Keep up to date on the latest scams by subscribing to MailGuard updates or follow us on social media.
  • If you’re experiencing problems with email scams you can speak to one of MailGuard's cloud security specialists right now on 1300 30 44 30 


Topics: Zero Day JavaScript malware email scams Threat Update Suncorp

Back to Blog


Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.


  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Recent Posts

Posts by Topic

see all