Here at Bang IT Solutions we want to keep our clients up to date with the current email scams to make sure they avoid a potential data breach.
For the month of August two new email scams have been highlighted by MailGuard that are currently circulating people’s inboxes.
One is using compromised Dropbox accounts to scam users and another asks users to review “pending emails” via a link which is trying to look like Microsoft Office 365.
Compromised Dropbox Accounts
We’ve seen the Dropbox scams before, but they are out in force again, as scammers are aware employees are working from home more and sharing confidential business documents. These emails scams are sent to users via a compromised Dropbox account. They either invite users to open a PDF file or have claimed to send them a file via Dropbox Transfer (see image below).
MailGuard said these PDF files will most likely contain links to external phishing sites seeking to obtain user credentials.
Email scams that are initiated from compromised file sharing accounts like Dropbox are particularly dangerous as the emails are sent from a legitimate account so they most likely will not be blocked by email security services.
Users are more likely to open emails from these companies as they are a trusted service and they most likely have an account and know who the sender is.
Dropbox provide further information on their website https://help.dropbox.com/accounts-billing/security/phishing-virus-protection for users to report suspicious activity.
Report any suspicious items that appear to be from Dropbox by sending an email to [email protected].
Review Pending Emails
The second scam involves an email sent to users alerting them to unread emails from an Office365 account.
According to MailGuard it intercepted a phishing email scam that uses the display name “Mail Delivery System”.
The email forges the recipient’s address as the envelope address. It is titled “You have 8 pending emails for…”, along with the recipient’s email address.
The email body includes a header with the words “Office 365” and informs users that they have “8 pending emails” from their “organisation”. A button is provided for users to “review messages to release or block them”.
Once the link is clicked on it takes them to a page that is not hosted by Microsoft 365 and asks them to re-enter their password in a box that is designed similar to that of Microsoft Outlook with the correct logos.
This is a phishing page used to obtain user’s passwords. If you receive this email, delete immediately and do not click on any of the links.
Take Home Message
Email scams or phishing come in various forms either telling someone they’ve won money; their account has been hacked or a change in password.
If you’ve received an email from a sender that doesn’t seem familiar or a contact has sent you an email with information that doesn’t seem quite right, please flag it with us and we will review it for you.
Every month we will be sharing the latest in email scams courtesy of MailGuard.
To get a more comprehensive understanding of how to spot scam, please refer to one of our previous blogs:
Using mail protection software is a great way to control email, and reduce the chance of receiving such scam.
If you are interested in using MailGuard to add an extra layer of security to your email, reach out to us today at [email protected] or call us on 1300 770 035.
Comments are closed.