Alert Scam Warning

Recently, Apple, Xero and Go Via were among the companies whose brands were hijacked by scammers, with phishing email campaigns using the businesses’ brands to dupe local recipients. On 19 March, email filtering and security company, MailGuard, said in a blog post that it had spotted a phishing scam using Apple branding and employing a “well made” fake Apple login screen. According to MailGuard, the fake Apple website is hosted at a similar URL to Apple's own websites and the design of the page is quite convincing.

If the recipient of the dodgy fake Apple email clicks on the link in the message, they are taken to the fake login page where their credential data would be harvested.

The phishing campaign suggests that the messages were sent from the email domain ‘@applemail.email’ which is hosted with Google mail, meaning it can pass certain authentication tests and, as such, is likely to penetrate multiple inboxes.

A few days later another wave of dodgy emails exploiting the brand of cloud accounting provider, Xero, was spotted. The criminals who are operating this scam appear to have registered four new domains with a Chinese registrar during March that are very similar to Xero's own URL's. MailGuard warned that the individual messages sent out in the latest phishing campaign bear real business names, with the names used in the ‘subject’ fields of the email messages. The objective of this email is to get the recipient to click on a link that will direct them to a hidden JavaScript malware file.