Earlier this week, MailGuard detected a phishing invoice email scam sent via a single compromised sender.
First intercepted on 16th July 2019 around midday (AEST), the email appeared to have been sent by a single compromised sender. The plain-text email is short, and notifies the recipient of an invoice in the form of a PDF attachment.
The interesting thing about this attack is that it demonstrates how easy it is for criminals to operate these sort of scams. A simple email of this kind could be based on inexpensive malware, bought through a dark web portal, and run from a phone.
Watch the full scam below:
MailGuard urges all cyber users to be vigilant when accessing their emails and look out for tell-tale signs of malicious emails:
Tell-tale signs of email scams
- Do not address recipients directly (e.g. “Dear customer”)
- Bad grammar or misuse of punctuation and poor-quality or distorted graphics
- An instruction to click a link to perform an action (hover over them to see where you’re really being directed)
- Obscure sending addresses (for example, Hotmail, gmail, Yahoo addresses should set alarms bells ringing)
Take Action to Defend Your Business
Email attacks can be enormously costly and destructive, and new scams are appearing every week. Don’t wait until it happens to your business; take action to protect your business and your staff from financial and reputational damage, now.
For a few dollars per staff member per month, add MailGuard's cloud-based email and web filtering solution to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network. Talk to an expert at MailGuard today about your company's cybersecurity needs: firstname.lastname@example.org
Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update, or follow us on Twitter @MailGuard.