MailGuard Editor 16 January 2018 12:18:53 AEDT 1 MIN READ

Yet Another Case of Brandjacking: Zoho Latest Victim in Zero Day Email Phishing Scam

Using Zoho as your customer relationship management (CRM) tool, subscribe to Zoho communications or use Zoho Docs? Or maybe you're just curious? Don't get sucked into the latest fast-breaking criminal intent phishing scam detected by MailGuard today.

The HTML-formatted email claims to be sharing a tax report and GST calculation worksheet. Don't respond to 'Les Parkinson', who signs off the personalised email.

People may be enticed to engage due to the fake GST payable amount of $8,919. Links in the email point to the legitimate Zoho Docs service hosting an archive file containing malicious JavaScript code.

The sender domain,, was registered with a company based in China on 14 January 2018.

The sending address and display address is always noreply{at}zohocrm{dot}org.

Each sender display name is unique, below are some samples from what we've discovered:

Todd Soden via  Zoho Docs
Graham Cooper via  Zoho Docs
Paul Rogers via  Zoho Docs
Shae Mccoll via  Zoho Docs
Peter Rutherford via  Zoho Docs
Angela Smith via  Zoho Docs
Melanie Philp via  Zoho Docs
Cameron Bastion via  Zoho Docs
Dominic Wecker via  Zoho Docs
Kathryn Grimshaw via  Zoho Docs

Protect yourself and your business from cybercrime

New scams like this one appear every day. Don’t wait until it happens to your business. Take action now to protect your company from financial and reputational damage.

Add MailGuard's cloud-based email security to keep your business safe for only a few dollars per staff member per month. Reduce the risk of malicious email entering your network. Talk to a MailGuard expert today: 1300 30 44 30.