Thank you for visiting our Partner Zone. This area is an exclusive space for MYOB Partners. Find out how to Partner with MYOB.
We receive a high percentage of fake MYOB invoice emails with fake links to click on (which we do not open). To get around this we only accept PDF invoices to be emailed to us. In February a company tried to email a "real" MYOB invoice to us, which had a link to download their invoice, and there was no PDF attached. We suspect the email was automatically filtered into our junk mail which was why we never saw it.
We are concerned many small businesses are relying on emailing invoices using this feature as:
1. They can be confused for "fake" emails.
2. They can get lost in junk emails.
Can MYOB please change the way these invoices are generated to always include a PDF copy of the invoice as an attachment to these emails? I have seen some MYOB emails sent this way but it doesn't appear to be happening to all invoices? We do not use this feature so I don't know how it works, I'm just requesting that this feature be revised in lieu of all the fake virus emails out there.
Thank you very much for taking the time to write this, I have made sure that this has been sent through to the Product Teams to look into.
This is definitely a valid concern and one that I have ensured is considered closely by the teams involved.
I have also requested that they notify me on any decisions made for this so that I can update this Thread for other Users to read.
If anyone has any suggestions they have for this, please feel free to let us know.
MYOB Partner/Social Support
May 2018 - last edited May 2018
yes this is a geniune issue
his message is designed to look like an invoice created with MYOB - see screenshot above.
The email subject is shown as ‘Invoice INV-04085 from DXJ Company’ and the body of the message advises the recipient that they have an outstanding invoice requiring payment.
The ‘sender’ address shown in the email messages is ‘noreply[at]sage-one[dot]net’
This domain - ‘sage-one[dot]net’ - was created on a Chinese domain registrar yesterday.
It is never a good idea to open a .zip file from a link in an email, because zipped folders are often used to disguise malware.
This is a large-scale scam, so please forward this warning to your network.
MailGuard has protected our clients from receiving this message in their inboxes, but many unprotected email accounts may be impacted today.
Protect Your Inbox
- Always hover your mouse over links within emails and check the domain they’re pointing to. If they look suspicious or unfamiliar don’t open them.
- 9 out of 10 cyber-attacks are delivered via email, so it's essential to have the best email filtering in place to protect your systems. For a few dollars per staff member per month, you can have the peace of mind of MailGuard's comprehensive cloud-based email and web filtering. You’ll significantly reduce the risk of zero-day (previously unknown) threats and stop new variants of malicious email from entering your network.
- Keep up to date on the latest scams by subscribing to MailGuard updates or follow us on social media. If you’re experiencing problems, you can speak to a cloud security specialist on 1300 30 44 30
I have a client complaining that ever since receiving an MYOB invoice from me that they are now receiving a lot of fake invoices claiming to be generated by MYOB. This never happened to them before.
I know there can be many reasons why this would happen including malware on the clients computer, or mine (unlikely as I have it pretty well sealed up), or even on MYOB servers.
However it happens it is a concern to me that my genuine invoice is triggering spam / phishing content to be delivered to my clients.
I don't know the solution to just adding my voice to this concern.
Welcome to the MYOB Community Forum, I hope you find it a great resource
To the best of my knowledge those who are sending the fake invoices aren’t explicitly targeting MYOB clients or their clients, that said however it is entirely possible that there could be some overlap between your clients and those being targeted by those sending fake invoices.
Although your clients may set up various rules to filter out these fake invoices, there is one thing to consider which is getting your clients to whitelist the email address your sent invoices are coming from. The best way to get this email address is to send yourself one of these emailed invoices, which will come from the same email address.
You could then provide this email address to your client to advise them that this is the email address the invoices are coming from, so that they can whitelist that email address so that it doesn’t get looped in with the spam
Thanks I have already advised them to do that and will make sure that in future I advise clients in advance; just in case.
I received this one this morning, looks so real
I recommend having a look at our thread, Warning – watch out for fake emails pretending to be from MYOB, which does discuss the issue in more detail, as well as a few helpful tips to protect yourself.
That said, its always worth looking at the sender’s email address as well as how “real” the email looks, as the senders email address is often a very good indication as to whether it is a scam or not. The aforementioned thread has some of the scam email addresses that we have noticed, as well as legitimate ones so that you can see the difference.