A new year means new scams! Below are two scams you should be aware of that have been intercepted by MailGuard.
One is from a Fresh 92.7 account and the other is from DHL claiming, “your package is ready”.
These updates are courtesy from MailGuard.
Fresh 92.7 Email Scam
MailGuard has intercepted a phishing email sent from a compromised Fresh 92.7 account. The email titled, “Please Review the Project Proposal” is asking the user to open file sharing account, OneDrive.
The email looks like below and includes a link to a “secured file”.
According to MailGuard, unsuspecting recipients who click on the link to view the “document” are led to a login page containing the header OneDrive. The webpage looks pretty similar to how the legitimate Microsoft 365 page looked like about 6 months ago, so once you’ve got this far it is easy to think you are in the right place.
If you look a little harder, you will see this phishing page contains a URL which is not related to Microsoft or Fresh 92.7 and the page is hosted on GoDaddySites.com, a popular domain registrar and web hosting company.
Once a user enters their login details here, you will be greeted with a message saying you will be contacted within 48, meanwhile the users details have been harvested and will be used illegitimately.
While MailGuard have stopped this email from reaching recipients who are protected by MailGuard, you might not be so lucky. It is worth noting that this is a very common scam, as the scammers know that Billions of people are now using Microsoft 365 products so they can easily be duped by a page which looks fairly legitimate.
Read more here.
DHL Email Scam
DHL has been targeted once again in a phishing scam. We reported back in December about a DHL scam email doing the rounds and we are here once again. The email has the display name of “package team” and is titled “confirm your package”.
The email tells users that their package has arrived at the post office but hasn’t been delivered yet. It then asked them to pay a fee of “1.99 $” if they want to confirm and view the package’s shipping detail.
A link is given for the users to do so and looks like the below.
MailGuard notes the email includes DHL’s logo and other branding elements, the sender email address provided in the “From:” field does not appear to be a valid DHL address – a red flag pointing to the email’s illegitimacy. In addition, the email contains several formatting and spelling errors.
Anyone who falls for the scam and clicks on the link will be taken to a page which has stolen DHL’s branding. The page contains a captcha image to verify you are human and not a bot. This is likely an attempt by the cybercriminals to avoid detection. The page looks like this:
After accepting the captcha victims will be taken to a page asking to enter users credit card details as below. After entering credit card details a message pops up advising that the request is being processed with the bank and to keep the page open. This will then be followed a few weeks later by an awkward conversation with your partner about why the credit card has been maxed out,
DHL, FedEx and Australia Post are often impersonated by scammers as they are trusted names with a huge customer base. If you receive an email like this, we strongly advise you to delete the email. Feel free to call us on 1300 770 035 if you are concerned you may have been a victim.
Read more here.
Take Home Message
Email scams or phishing come in various forms either telling someone they’ve won money; their account has been hacked or prompting a change in password.
If you’ve received an email from a sender that doesn’t seem familiar or a contact has sent you an email with information that doesn’t seem quite right, please flag it with us and we will review it for you.
Every month we will be sharing the latest in email scams courtesy of MailGuard.
To get a more comprehensive understanding of how to spot scam, please refer to one of our previous blogs:
Using mail protection software is a great way to control email, and reduce the chance of receiving such scam.
If you are interested in using MailGuard to add an extra layer of security to your email and reduce your risk of being the next victim of a phishing scam, reach out to us today at [email protected] or call us on 1300 770 035.
Comments are closed.