Using Zoho as your customer relationship management (CRM) tool, subscribe to Zoho communications or use Zoho Docs? Or maybe you're just curious? Don't get sucked into the latest fast-breaking criminal intent phishing scam detected by MailGuard today.
The HTML-formatted email claims to be sharing a tax report and GST calculation worksheet. Don't respond to 'Les Parkinson', who signs off the personalised email.
People may be enticed to engage due to the fake GST payable amount of $8,919. Links in the email point to the legitimate Zoho Docs service hosting an archive file containing malicious JavaScript code.
The sender domain, zohocrm.org, was registered with a company based in China on 14 January 2018.
The sending address and display address is always noreply{at}zohocrm{dot}org.
Each sender display name is unique, below are some samples from what we've discovered:
Todd Soden via Zoho Docs
Graham Cooper via Zoho Docs
Paul Rogers via Zoho Docs
Shae Mccoll via Zoho Docs
Peter Rutherford via Zoho Docs
Angela Smith via Zoho Docs
Melanie Philp via Zoho Docs
Cameron Bastion via Zoho Docs
Dominic Wecker via Zoho Docs
Kathryn Grimshaw via Zoho Docs
Protect yourself and your business from cybercrime
New scams like this one appear every day. Don’t wait until it happens to your business. Take action now to protect your company from financial and reputational damage.
Add MailGuard's cloud-based email security to keep your business safe for only a few dollars per staff member per month. Reduce the risk of malicious email entering your network. Talk to a MailGuard expert today: 1300 30 44 30.