Spear Phishing Attack Relies on eFax Messages

Organizations should warn their employees of this campaign

By on August 17th, 2012 08:06 GMT

The IT departments of companies should be warning employees of bogus eFax Corporate messages that attempt to trick recipients into accessing websites which contain malicious JavaScript.

The emails appear to come from messages@inbound.efax.com (the default eFax account) and they’re entitled “Corporate eFax message – 3 pages,” ISC experts report.

So far its unknown if this new spear phishing campaign is widespread, but it’s clear that organizations should be on the lookout to avoid any unfortunate incidents.

Here’s what the emails look like:

Fax Message [Caller – ID:

You have received a 3 pages fax at [date] [time] GMT.

• The reference number for this fax is min1_did39-0196190140-9398541474-08

View this fax using your PDF reader.

Click here to view this message

Please visit www.eFax.com/en/efax/twa/page/help if you have any questions regarding this message or your service. Thank you for using eFax service!
Fake eFax email
   Fake eFax email
MORE ON THIS TOPIC
LATEST NEWS
HOT RIGHT NOW

75 Comments