Warning – watch out for fake (spam / phishing) emails pretending to be from MYOB
UPDATE 31/01/2025: Please scroll down for new comments with important updates.
The latest
As well as attempts information to help protect you against people trying to gain access to a customers legitimate software, we have a tip for avoiding what happens next.
Typically one of two things will occur. The scammer will try to update the bank account to their own and issue invoices on behalf of the business.
Or they will send invites to people to 'join' their software, but when the person clicks 'I accept' they are redirected to external websites.
This is more likely to trick an accountant or bookkeeper as they would regularly receive invites to join their clients files
To help protect yourself, make sure you were expecting to be invited to a file before clicking accept. And also make sure that you hover your mouse over the 'I accept' button to see what URL you will be directed to (see image)
Stay vigilant everyone - we got this! > Posted by MikeG1
Previous important information/updates
Hi all,
We’ve learned that some clients have received emails containing fake invoices that direct people to a website where malware may be installed on their computer.
Here's an example of what one of these fake emails looks like.
Note that it was sent from one of the following email addresses or domains:
- noreply@myob-australia.com
- noreply@myobaustralia.org
- noreply@myobnetwork.com
- noreply@financialaccountant.info
- noreply@myobemail.com
- agustin.lopez@pasquel-hermanos.com
- noreply@app.myob360.com
- nonreply@apps.myobexpress.com
- noreply@apps.myob-online.com
- @skinpired.co.uk
- @sage-one.net
- @myobcenter.com
- account@craftedeals.com.au
- innowood.com
- enabling.net
- Or another non myob.com email address
They will show a non-MYOB link when you hover over the link
Below is a copy of the known fraudulent links:
- hxxp://runrelays.com/invoicelist.php
- hxxp://url1027.ravnzone.com/link/8214657b6fff8305bec2d77943383aeb
- hxxp://url0510.bornocare.com/link/
- hxxp://ifihadtwolives.com/process
- hxxps://arednfound.com/invoicelist.php
- hxxps://hms-group.us11.list-manage.com/track/click?u=68b4cd8940c89334dc9a72421&id=e3514044c9&e=d2cee9eb72
Here's what a real MYOB email looks like.:
(Note that it was sent from AccountRight@apps.myob.com and hovering on the link shows that it starts with http://links.apps.myob.com )
We strongly recommend not clicking on links in messages that come from strange or unrecognised email addresses. We’d also like to remind people to ensure they have good anti-virus protection installed, make sure their software is up-to-date and they have firewalls in place.
We have alerted the relevant authorities about this scam and we are actively working with them to block the websites in question.
Here are some tips to protect yourself against fraudulent emails:
- Only open emails from email addresses that you trust. Legitimate invoices from MYOB small business products will only come from accountright@apps.myob.com or noreply@apps.myob.com
- Check that any links are valid before clicking on them. Links from genuine MYOB emails to external sites will always start with links.apps.myob.com.
- Ask yourself if you expected to receive the email.
- Check it against previous emails from the same company. Does the email address, design and style of writing match what you usually receive?
- Use common sense. If you’re not sure, use an external method of communication (such as a phone number from the company’s website) to contact the company that sent the email.
If you are unsure whether an email message from MYOB is genuine or if you’d like further clarification, you’re welcome to post on the MYOB Community Forum.
