NetDefence - Security Services Distributor

Blog

Product announcements, updates and news.

Email scam brandjacks One Drive

1.png

We've blocked a malicious email scam brandjacking One Drive.  

The email tells the recipient there's a purchase order to review, with a link to view the file. The link directs the user to a fake Office 365 phishing website, then asks the user to enter your email address and password. Once submitted, the page indicates the details entered are incorrect and requires input again.

The email is being sent from what appears to be a compromised mailbox.

If you see this message in your inbox delete it immediately. 

What is brandjacking?

Brandjacking is basically a kind of forgery. Scammers use the trademarks of well-known companies in their emails to deceive their victims and gain their trust.

In a typical brandjacking scam, criminals create email templates that look like messages from big companies and send them out wholesale to millions of recipients. When the scam message shows up in a victim’s inbox they feel safe opening it because it looks like a legitimate message from a familiar company.

Some commonly used brandjacking formats are fake invoice notifications or requests for account verification.

Don't get scammed

If your company’s email accounts aren’t protected, scam emails like the one above are almost certainly being received by your staff.  Cybercriminals know people can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.

People are not machines; we're all capable of making bad judgement calls. Without email filtering protecting your business, it’s just a matter of time before someone in your organisation has a momentary lapse of judgement and clicks on the wrong thing.

For a few dollars per staff member per month, you can protect your business with MailGuard's predictive email security

Tim Moreillon