Phony jConnect “Fax Message” Emails Contain Malicious Links

Fax SpamBusy professionals that send and/or receive multiple faxes on a daily basis are advised to keep an eye out for phishing emails posing as incoming fax notifications.

We recently received a spam message purporting to be a new fax notification from jConnect, a legitimate service that allows you to send and receive faxes by email.

The email, titled “Fax Message at 2013-08-07 05:22:53 EST” has a spoofed sender’s address (message@inbound.efax.com) and appears to be authentic at first glance. The minor flaws that may give away the fact that the email is a fake – like the missing transmission start time, for example – can easily be glossed over by the recipient if they’re rushing through their work inbox.

Below is a copy of the spam email to look out for:

jConnect Fax Spam

From: Fax Message (message@inbound.efax.com)
Subject: Fax Message at 2013-08-07 05:22:53 EST

Fax Message
You have received 8 fax page(s) at 2013-08-07 05:22:53 EST.
The reference number for this fax is nrus_qfa96-2706959852-3025185046-65.
The transmission start time for this fax is .

Click here to view this message in your web browser

Please visit http://www.j2.com/help if you have any questions regarding this message or your j2 service.
Thank you for using jConnect!

What the email lacks in nasty file attachments it makes up for with bad hyperlinks. All of the links within the email point to a compromised third-party websites rigged with malicious code that will attempt to exploit system vulnerabilities in order to drop malware on the target machine.

How to Keep Your PC Safe

Thankfully, this attack can easily be avoided.

Here are a few steps that computer users can take in order to keep their system safe:

  • Look before you click! Always hover your mouse over hyperlinks to view the true destination URL before clicking on it. If it doesn’t match or if the URL looks suspicious, do not click on it! Additionally, we also recommend manually typing in the address of the website you wish to visit vs. clicking links, when applicable.
  • Do not click links or download files attached to emails from unknown or untrusted senders.
  • Keep your operating system and installed software fully patched and up-to-date.
  • Always run antivirus software that offers real-time scanning and keep the virus definitions current.

What to Do With Spam Emails

If you received a spam email similar to the one above, or another email that you believe to be spam, we strongly advise you to:

  1. Avoid clicking on any of the links.
  2. Report the email to SpamCop.
  3. Delete the email immediately.

Too late – I already clicked a link!

Did you already open the email and click the link? We strongly advise you to:

  • Perform a full system scan using your installed antivirus program
  • Bring the computer in to be evaluated by one of our certified computer repair technicians if you suspect that your PC has been infected with malware that your antivirus can’t detect.

Give us a call at 858-268-4774 to get more information on our diagnostic and virus removal services.

Otherwise, be sure to exercise caution when checking your email and don’t click on any suspicious links!

Have you received any suspicious fax emails lately?

Like this post? Follow us online by liking us on Facebook, following us on Twitter (@thechipmerchant), or circling us on Google+.