
Generic Invoice is a Phishing Scam


MailGuard has intercepted a generic invoice email that leads to a phishing page.

This email is not a very well-designed attack compared to some of the more sophisticated scams we see here at MailGuard. The email is in plain-text format and contains grammatical errors, a red flag to anyone conscious of email security. It directs recipients to open an attached invoice and quotes the invoice's reference numbers.

Two subject lines are used in this phishing campaign:

  • ‘Please overdue statement and remit payment at your earliest!’
  • ‘Incoming New-Invoice Received’

Here is a screenshot of the email with the first subject line:

[Screenshot: email with the 1st subject line]

And here is the second:

[Screenshot: email with the 2nd subject line]

Both emails use the display name ‘Accounts Dept’, and their bodies contain no text other than the signature of the compromised account. The job title given in the signature is ‘Accounting Manager’.

Both emails have a .pdf file attached, which includes a link to ‘view file’.

[Screenshot: attached PDF with the ‘view file’ link]

This link leads to an Office 365 phishing page that asks users to enter their email address and password in order to view the file.

[Screenshot: Office 365 phishing page]

This invoice-related phishing scam is a good reminder of how innocent-looking, plain emails can, in fact, be malicious. As simple as they may seem, these attacks are happening all too regularly, and with devastating effect. Not only can they gain access to confidential data of individual employees and firms, they can, ultimately, inflict significant financial and reputational damage on an organisation.

Tell-tale signs of phishing scams

  • A sense of urgency
  • Bad grammar or misuse of punctuation and poor-quality or distorted graphics
  • An instruction to click a link to perform an action (hover over the link to see where it really leads)
  • Obscure sending addresses (for example, Hotmail, Gmail or Yahoo addresses should set alarm bells ringing)
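As an added illustration (not code from the original post or from MailGuard), the Python below turns these tell-tale signs into a small triage check: urgency words in the subject, a department-style display name on a free webmail address, a signature-only body, and a PDF attachment carrying an embedded link. It runs over a constructed message modelled on the invoice scam above; the sender address, signature name and link are all made up.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

# Heuristics drawn from the tell-tale signs listed above.
URGENCY = re.compile(r"\b(overdue|urgent|immediately|earliest|remit|past due)\b", re.I)
WEBMAIL = {"hotmail.com", "gmail.com", "yahoo.com", "outlook.com"}
ROLE_WORDS = re.compile(r"\b(accounts?|dept|finance|billing|manager)\b", re.I)
# A link in a PDF is a /URI (...) action; this rough regex is not a full PDF parser.
PDF_URI = re.compile(rb"/URI\s*\((.*?)\)", re.S)


def score_message(raw: bytes) -> dict:
    """Flag one RFC 822 message (bytes) and extract any links from PDF attachments."""
    msg = message_from_bytes(raw, policy=policy.default)
    flags, links = [], []
    name, addr = parseaddr(msg.get("From", ""))
    if URGENCY.search(msg.get("Subject", "")):
        flags.append("urgent_subject")
    if addr.rpartition("@")[2].lower() in WEBMAIL:
        flags.append("webmail_sender")
        if ROLE_WORDS.search(name):          # 'Accounts Dept' on a free webmail address
            flags.append("role_name_on_webmail")
    body = msg.get_body(preferencelist=("plain",))
    text = body.get_content().strip() if body else ""
    if len(text.splitlines()) <= 4:          # nothing but a signature
        flags.append("signature_only_body")
    for part in msg.iter_attachments():
        if part.get_content_type() == "application/pdf":
            flags.append("pdf_attachment")
            for m in PDF_URI.finditer(part.get_payload(decode=True) or b""):
                links.append(m.group(1).decode("latin-1"))
    if links:
        flags.append("pdf_contains_link")
    return {"flags": flags, "links": links, "score": len(flags)}


def build_sample() -> bytes:
    """Constructed message modelled on the scam above; sender, body and link are made up."""
    msg = EmailMessage()
    msg["From"] = "Accounts Dept <accounts.manager@hotmail.com>"
    msg["Subject"] = "Please overdue statement and remit payment at your earliest!"
    msg.set_content("Regards,\nJ. Doe\nAccounting Manager\n")
    # Minimal PDF-like bytes holding one link action: enough for the regex, not a valid PDF.
    pdf = b"%PDF-1.4\n<< /S /URI /URI (https://phish.example/view-file) >>\n%%EOF\n"
    msg.add_attachment(pdf, maintype="application", subtype="pdf", filename="invoice.pdf")
    return msg.as_bytes()


if __name__ == "__main__":
    print(score_message(build_sample()))
```

A real mail gateway would combine such flags with sender authentication and URL reputation; the point here is only that each sign in the list above is mechanically checkable.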

Don’t get scammed

If your company’s email accounts aren’t protected, emails like the one above are almost certainly being received by your staff. Cybercriminals know people can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.

People are not machines; we’re all capable of making bad judgement calls. Without email filtering protecting your business, it’s just a matter of time before someone in your organisation has a momentary lapse of judgement and clicks on the wrong thing.

For a few dollars per staff member per month, add MailGuard’s cloud-based email and web filtering solution to your business security. You’ll significantly reduce the risk of new variants of malicious email entering your network.