There is a new scam going around and this time it is targeting Australian workers.
MailGuard warns Australians of a DocuSign email scam that tricks workers into opening what they believe to be a company payslip.
Scammers go so far as to include fake business names and business email addresses.
“The attacker makes extensive use of the victim’s trade name, which is a common tactic to feign authenticity,” MailGuard said.
“The attacker also made it appear that the email was sent from an account at the recipient’s company, which adds even more plausibility that this is a genuine alert. .”
The subject of the fraudulent email is: “Reminder: Please DocuSign [Company Name] Paylips/Payroll – February 2023 “and uses the courier account”[Company Name] Papers”.
According to MailGuard, the email looks like a real DocuSign alert and uses the same logo and disclaimer.
The recipient is prompted to click a button to “review and sign” the documents. But after clicking on the link, the worker is redirected to the phishing site which copies the Microsoft Office 365 login page and is redirected to enter passwordwhich won’t work.
“It’s a simple but effective phishing attack,” MailGuard said.
“After a few attempts to enter their password, the employee may leave the tab frustrated with a plan to try again later, causing them to forget it. During this time, the attacker can log into their account and access sensitive emails and files, or communicate with other employees, customers, or vendors in business email compromise attacks.
If you receive this email, MailGuard tells you to “delete it immediately” and not to click on any links.
Australians have been flooded with scams during the last years. Last year, Australians lost over $24.6 million to phishing scams, and over 74,500 people reported the scams.
Follow Yahoo Finance on Facebook, LinkedIn, instagram And Twitterand subscribe for free to our daily newsletter.