eFax Email Phishing Scam

Posted on Aug 28, 2012

Last updated: July 7, 2015

If you receive an email from eFax and think that there is something strange with its content, you are probably right.  I recently received a Fax Message and at first glance, everything seemed legitimate. However my curiosity got the better of me and after further review, I noticed that there were problems with the email. I do own an eFax account but the number in the screenshot along with the highlighted link looked a bit odd to me. I read a lot about IT security matters and I write blogs about a variety of IT support and network security topics. I can say that without reservation, it’s common to see fake phishing emails like these from reputable establishments like Bank of America, UPS, and even eFax.

How does the eFax malware scam work

Now, believe it or not, fax is still a mission critical tool for many businesses and eFax is a popular digital fax service where incoming faxes are received as .PDF attachment files that a user needs to download locally in order to read them. This makes it a perfect tool for phishing which basically means that scammers exploit the credibility of the brand to lure you to click on a link to a dangerous file intended to compromise your device or network.

Luckily, I didn’t click on the link to check the details even though this email got past our spam filter. Our company has a what we consider a trusted and secure email filter, and I will refrain from naming it since our subsequent test showed that letting this type of spam was a rule rather than an exception for the most commonly used mailing services.

Shortly thereafter, a colleague of mine sent an email to me regarding the same information, only aimed towards him. Once I hovered my mouse over the link in the email, it became obvious see that the link was a redirect towards another site, which was in no way affiliated with eFax.

What to look for

All the information looked pretty legitimate and fairly convincing, and I have to admit that it almost had me fooled and I surely would have felt like an idiot, especially since I follow security news daily.

Our IT support team was notified about the email and I decided to write a blog post about my recent “phishy” eFax experience. It shows that not all emails can be completely trusted, and users are still susceptible to illicit attempts, even with a enterprise grade email spam blocker.

As a company based in Washington D.C. with a significant public sector portfolio many of our clients still use fax as part of their mission critical communications and I receive legitimate messages from the eFax service on a daily basis. On the surface, this message looked legit on first impression but I couldn’t shake the feeling that something was not quite right about it. The font was different and the eFax logo was a bit larger than what I was normally used to seeing. These minor “peculiarities” were enough to convince me that I should not click on the links in the message (although it was definitely a close call).

How to stay safe

This just goes to show that sometimes you have to rely on your instinct – or at least pay attention to the details before you take a digital action! If you receive an email and something looks a little bit odd, take a closer look at the link destinations to make sure that everything is ok. This might save you and your IT Support provider a lot of time. It is important to emphasize that this is particularly valid if the message comes from a familiar source but it deviates from the standard format.

Best practice dictates to be on the lookout for emails such as the one described above and to verify the destination of links contained in the email body (even if the message appears to come from a trusted source!).

Written by IT Support and IT Consulting Professionals at FedSolutions. Thanks for reading!