MYOBCommunity
Partner Zone
|
|
Partner Zone

Warning – watch out for fake (spam / phishing) emails pretending to be from MYOB

MYOB Moderator Steven_M
25,569 Posts
MYOB Moderator
New Zealand
Steven_M
MYOB Moderator

25569Posts

2942Kudos

3732Solutions

Warning – watch out for fake (spam / phishing) emails pretending to be from MYOB

UPDATE: Please refer to comments below for more important updates dated 19/09/2017 and 19/07/2018 . 

 

Hi all,

 

We’ve learned that some clients have received emails containing fake invoices that direct people to a website where malware may be installed on their computer.


Here's an example of what one of these fake emails looks like.

Note that it was sent from one of the following email addresses or domains:

They will show a non-MYOB link when you hover over the link

 

B2526003.PNG


Here's what a real MYOB email looks like.:

(Note that it was sent from AccountRight@apps.myob.com and hovering on the link shows that it starts with http://links.apps.myob.com )

 

40BB1228.PNG

 

We strongly recommend not clicking on links in messages that come from strange or unrecognised email addresses. We’d also like to remind people to ensure they have good anti-virus protection installed, make sure their software is up-to-date and they have firewalls in place.

 

We have alerted the relevant authorities about this scam and we are actively working with them to block the websites in question.

 

Here are some tips to protect yourself against fraudulent emails:

  • Only open emails from email addresses that you trust. Legitimate invoices from MYOB small business products will only come from accountright@apps.myob.com or noreply@apps.myob.com
  • Check that any links are valid before clicking on them. Links from genuine MYOB emails to external sites will always start with links.apps.myob.com.
  • Ask yourself if you expected to receive the email.
  • Check it against previous emails from the same company. Does the email address, design and style of writing match what you usually receive?
  • Use common sense. If you’re not sure, use an external method of communication (such as a phone number from the company’s website) to contact the company that sent the email.

 If you are unsure whether an email message from MYOB is genuine or if you’d like further clarification, you’re welcome to post on the MYOB Community Forum.


Kind Regards,
Steven
MYOB Client Support
2 REPLIES
Community Manager Suja_P
5,621 Posts
Community Manager
Australia
Suja_P
Community Manager

5621Posts

1995Kudos

463Solutions

Re: Warning – watch out for fake invoice emails pretending to be from MYOB

UPDATE:

MYOB uses Docusign for generating supplier orders for our Practice Solution software. If you are not expecting one, please do not click on the link. If in any doubt about the source of the email, please contact your Partner Manager for clarification.

We use GlobalSign for the signing of our documents. When documents are sent using GlobalSign the sender will most likely be your MYOB accountant and not directly from MYOB.

 

Hi all,

 

A new MYOB phishing email pretending to be from MYOB employees has been reported. Instead of using a impersonated MYOB invoice, the attackers are using a Docusign request that at first glance appears to be sent from someone at MYOB.

 

The subject line on all the messages we've seen so far has been “Your MYOB Supply Order”. Here’s what one of the messages would look like:

 

phishing email.png

 

If you receive one of these, please forward a copy to securityteam@myob.com. We request you to please follow the tips in the original post to protect yourself against fraudulent emails. 


Kind regards,

Suja Pillai
Social Support and Community Manager
MYOB Australia Pty Ltd

Community Manager Suja_P
5,621 Posts
Community Manager
Australia
Suja_P
Community Manager

5621Posts

1995Kudos

463Solutions

Re: Warning – watch out for fake emails pretending to be from MYOB

Hi all,

 

We’ve recently been made aware of two phishing campaigns where emails and SMS are being sent impersonating MYOB invoices!

 

1) Emails are being sent impersonating MYOB invoices, with the intent of infecting victims with the DanaBot trojan (banking trojan).

 

While we have not had any direct reports of such emails from our client base, we urge that you read the following links for information on what to look out for:

 

 

2) SMS sent to MYOB clients with a link of an invoice that is to be paid, where it is hoped the client will enter their userid and password for capture. 

 

Below is a copy of one such message:

 

 

SMS image.jpg

 

Note:  MYOB does not send SMS with links to invoices for payment.

 

Tips to protect against fraudulent emails:

 

  • Only open emails from email addresses that you trust. Legitimate invoices from MYOB small business products will only come from accountright@apps.myob.comor noreply@apps.myob.com
  • Check that links are valid before clicking on them. Links from genuine MYOB emails to external sites will always start with apps.myob.com.
  • Ask yourself if you expected to receive the email.
  • Check it against previous emails from the same company. Does the email address, design and style of writing match what you usually receive?
  • Use common sense. If you’re not sure, use an external method of communication (such as a phone number from the company’s website) to contact the company that sent the email.

Please follow the tips to protect yourself against fraudulent emails. And if you receive any suspicious emails, please forward a copy to securityteam@myob.com.


Kind regards,

Suja Pillai
Social Support and Community Manager
MYOB Australia Pty Ltd

Didn't find your answer here?
Try using advanced search to find a post more easily Advanced Search
or
Get the conversation started and make a new post Start a Post