Watch Out: BSC report email links to Excel-branded phishing page

Posted by Akankasha Dewan on 19 June 2019 16:09:19 AEST

Do not be too quick to click everything you see in your inbox. Cybercriminals circulated a malicious email in the form of a fraudulent monthly report this morning, 19th June 2019.

Emails titled ‘Report for June is available’ informed recipients of the arrival of a BSC (Balanced Score Card) report for June. MailGuard found the emails were sent by many different compromised senders.

The body of the email included a message from ‘Cerys’, who shared details of a link to Sharepoint, where the report was supposedly hosted. An expiry date was also included, supposedly to indicate how long the link is active for. This enhances the urgency level of the email, motivating unsuspecting users to click on the link before it expires.

 A screenshot of the email is below:

BSC blog

Unsuspecting users who clicked on the link to view the report were redirected to a different URL and presented with the background of a fake blurred Microsoft Excel page. The page was blocked by a clear large Microsoft Excel branded box message.

Here’s a screenshot of the page:

BSC excel

As seen above, the box message invited users to enter their email credentials to access the document. Upon entering their credentials, users are redirected to the real

Multiple elements have been included to boost the legitimacy of this email scam, making it quite well-refined. These include the fact that the phishing URL used to display the Excel-branded page is in itself well-engineered (starts with “”), leading users to think they’re on a safe and secure website.

Cybercriminals frequently exploit the branding of global companies like Microsoft in their scams, because their good reputation lulls victims into a false sense of security, and with such a large number of users they are an easy and attractive target.

However, the emails do retain a red flag that points to the illegitimacy of the email – the lack of a personalised addressee. The email does not address any customers directly, but instead refer to ‘Dear All’. Such a trait is commonly observed in a typical email scam and MailGuard urges all users to be vigilant of such signs when accessing their emails.

Phishing continues to be one of the most prevalent forms of cyber-crime. The vast majority of online scams - more than 90% - are perpetrated using email, so it’s wise to always be skeptical of messages from unfamiliar senders asking you to log into your accounts.

Take Action to Defend Your Business

Email scams can be enormously costly and destructive, and new scams are appearing every week. Don’t wait until it happens to your business; take action to protect your business and your staff from financial and reputational damage, now.

For a few dollars per staff member per month, you can protect your business with MailGuard's predictive email security.

Talk to an expert at MailGuard today about making your company's network secure: click here.

Stay up-to-date with new posts on the MailGuard Blog by subscribing to free updates. Click on the button below:

Keep Informed with Weekly Updates



Topics: Phishing Zenith Bank

Back to Blog


Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.


  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Recent Posts

Posts by Topic

see all