Thank you for visiting our Partner Zone. This area is an exclusive space for MYOB Partners. Find out how to Partner with MYOB.
April 2017 - last edited November
UPDATE: Please scroll down for new comments with important updates.
We’ve learned that some clients have received emails containing fake invoices that direct people to a website where malware may be installed on their computer.
Here's an example of what one of these fake emails looks like.
Note that it was sent from one of the following email addresses or domains:
They will show a non-MYOB link when you hover over the link
Below is a copy of the known fraudulent links:
Here's what a real MYOB email looks like.:
We strongly recommend not clicking on links in messages that come from strange or unrecognised email addresses. We’d also like to remind people to ensure they have good anti-virus protection installed, make sure their software is up-to-date and they have firewalls in place.
We have alerted the relevant authorities about this scam and we are actively working with them to block the websites in question.
Here are some tips to protect yourself against fraudulent emails:
If you are unsure whether an email message from MYOB is genuine or if you’d like further clarification, you’re welcome to post on the MYOB Community Forum.
September 2017 - last edited November 2017
MYOB uses Docusign for generating supplier orders for our Practice Solution software. If you are not expecting one, please do not click on the link. If in any doubt about the source of the email, please contact your Partner Manager for clarification.
We use GlobalSign for the signing of our documents. When documents are sent using GlobalSign the sender will most likely be your MYOB accountant and not directly from MYOB.
A new MYOB phishing email pretending to be from MYOB employees has been reported. Instead of using a impersonated MYOB invoice, the attackers are using a Docusign request that at first glance appears to be sent from someone at MYOB.
The subject line on all the messages we've seen so far has been “Your MYOB Supply Order”. Here’s what one of the messages would look like:
If you receive one of these, please forward a copy to email@example.com. We request you to please follow the tips in the original post to protect yourself against fraudulent emails.
We’ve recently been made aware of two phishing campaigns where emails and SMS are being sent impersonating MYOB invoices!
1) Emails are being sent impersonating MYOB invoices, with the intent of infecting victims with the DanaBot trojan (banking trojan).
While we have not had any direct reports of such emails from our client base, we urge that you read the following links for information on what to look out for:
2) SMS sent to MYOB clients with a link of an invoice that is to be paid, where it is hoped the client will enter their userid and password for capture.
Below is a copy of one such message:
Note: MYOB does not send SMS with links to invoices for payment.
Tips to protect against fraudulent emails:
Please follow the tips to protect yourself against fraudulent emails. And if you receive any suspicious emails, please forward a copy to firstname.lastname@example.org.
We've recenly been made aware of a phishing campaign from 2nd October 2018, which involves emails being sent impersonating MYOB invoices, with the intent of infecting victims with a malicious file.
Here's an example of one such fake email:
Our Security team is actively working with authorities to block the websites in question.
If you receive one of these, please forward a copy to email@example.com. And request you to please follow the tips in the original post to protect yourself against fraudulent emails.