Hi @PPANicky

Thank you very much for taking the time to write this, I have made sure that this has been sent through to the Product Teams to look into.

This is definitely a valid concern and one that I have ensured is considered closely by the teams involved.

I have also requested that they notify me on any decisions made for this so that I can update this Thread for other Users to read.

If anyone has any suggestions they have for this, please feel free to let us know.

Cheers,
Hayden
MYOB Partner/Social Support

hello,

yes this is a geniune issue

his message is designed to look like an invoice created with MYOB - see screenshot above.

The email subject is shown as ‘Invoice INV-04085 from DXJ Company’ and the body of the message advises the recipient that they have an outstanding invoice requiring payment.

The ‘sender’ address shown in the email messages is ‘noreply[at]sage-one[dot]net’
This domain - ‘sage-one[dot]net’ - was created on a Chinese domain registrar yesterday.

This is not a legitimate MYOB message. Clicking on the ‘view invoice’ link in this email will take the recipient to a zipped JavaScript file and invite them to download and open it. See screenshot below:

JavaScript files linked by scams of this type typically activate malware on victim’s computers. In this instance the JavaScript appears to be a 'dropper' - a type of malware which downloads spyware and viruses to a compromised computer without the victim's knowledge.

It is never a good idea to open a .zip file from a link in an email, because zipped folders are often used to disguise malware.

This is a large-scale scam, so please forward this warning to your network.
MailGuard has protected our clients from receiving this message in their inboxes, but many unprotected email accounts may be impacted today.

Protect Your Inbox

- Always hover your mouse over links within emails and check the domain they’re pointing to. If they look suspicious or unfamiliar don’t open them.

- 9 out of 10 cyber-attacks are delivered via email, so it's essential to have the best email filtering in place to protect your systems. For a few dollars per staff member per month, you can have the peace of mind of MailGuard's comprehensive cloud-based email and web filtering. You’ll significantly reduce the risk of zero-day (previously unknown) threats and stop new variants of malicious email from entering your network.

- Keep up to date on the latest scams by subscribing to MailGuard updates or follow us on social media. If you’re experiencing problems, you can speak to a cloud security specialist on 1300 30 44 30

regards

omkar

Tutuapp Android 9Apps Android Aptoide Android
 

I have a client complaining that ever since receiving an MYOB invoice from me that they are now receiving a lot of fake invoices claiming to be generated by MYOB. This never happened to them before. 

I know there can be many reasons why this would happen including malware on the clients computer, or mine (unlikely as I have it pretty well sealed up), or even on MYOB servers. 

However it happens it is a concern to me that my genuine invoice is triggering spam / phishing content to be delivered to my clients. 

I don't know the solution to just adding my voice to this concern. 

Cheers

HI @Tweedsmarine

Welcome to the MYOB Community Forum, I hope you find it a great resource

To the best of my knowledge those who are sending the fake invoices aren’t explicitly targeting MYOB clients or their clients, that said however it is entirely possible that there could be some overlap between your clients and those being targeted by those sending fake invoices.

Although your clients may set up various rules to filter out these fake invoices, there is one thing to consider which is getting your clients to whitelist the email address your sent invoices are coming from. The best way to get this email address is to send yourself one of these emailed invoices, which will come from the same email address.   

You could then provide this email address to your client to advise them that this is the email address the invoices are coming from, so that they can whitelist that email address so that it doesn’t get looped in with the spam

Thanks I have already advised them to do that and will make sure that in future I advise clients in advance; just in case. 

I received this one this morning, looks so real

HI @plumgas

I recommend having a look at our thread, Warning – watch out for fake emails pretending to be from MYOB, which does discuss the issue in more detail, as well as a few helpful tips to protect yourself.

That said, its always worth looking at the sender’s email address as well as how “real” the email looks, as the senders email address is often a very good indication as to whether it is a scam or not. The aforementioned thread has some of the scam email addresses that we have noticed, as well as legitimate ones so that you can see the difference.