According to MailGuard, the new scam purports to be a Telstra Media billing notice and asks the recipient to view their "BPAY payment invoice" but the link actually points to a zipped malware file.
”If you get an email message like the one in the screenshot above, claiming to be from 'Telstra Media,' don't open it or click on the links it contains,” MailGuard warns.
“This deceptively simple email scam is trying to use the well-known brands ‘Telstra’ and ‘BPAY’ to create a false sense of trust in its potential victims.”
“The more recognisable and popular the brand, the better it is as a brandjacking tool,” MailGuard says.
MailGuard describes brandjacking as a kind of forgery in which scammers exploit the trademarks of well-known companies to deceive their victims and gain their trust.
“In a typical brandjacking scam, criminals create email templates that look like messages from big companies and send them out wholesale to millions of recipients. When the scam messages show up in victim’s inboxes they feel safe opening them, because they look like legitimate emails from familiar companies.
“If your company’s email accounts aren’t protected, brandjacking emails are almost certainly being received by your staff. Cyber criminals know we can be tricked; that’s why they send out millions of scam messages and put so much effort into making them look convincing.”