MailGuard Blog

National Australia Bank (NAB) has once again been impersonated by cybercriminals in a phishing email scam designed to steal users’ confidential data.

Customers should be wary of an email titled “Please review your account” claiming that their debit card has been blocked.

Intercepted by MailGuard, this new phishing scam advises customers that their “debit card has been temporarily blocked” and that “online payments and cash withdrawals can’t be made until the issue is resolved.” To create a sense of urgency, the email also asks to “confirm your details within the next 48 hours.”

Sent from “NAB”, the sender name is spoofing National Australia Bank with the actual sender address of “oren(at)orentzo(dot)co(dot)il”, and an email subject reading, “Please review your account”.

In this case the scammers have added a degree of sophistication by varying the sender email addresses. Using different SendGrid email addresses i.e. airmaster(dot)com(dot)au(at)sendgrid(dot)net or lynchgroup(dot)com(dot)au(at)sendgrid(dot)net, the scammers aim to avoid being be blocked by email security services.

Got an email from Netflix claiming ‘Your Account Has Been Blocked’? Take care, it’s likely to be the latest scam email that is now being intercepted by MailGuard. The email asks customers to ‘Update current billing information’, advising that the service is ‘unable to approve your payment for your next subscription cycle’.

Sent from ‘Support’, the sender email is actually ‘support(at)cu-newyearparty2022(dot)com’,  a domain address registered within the last month, and not an official Netflix account. The mail server is hosted in Japan, and the websites' domain appears to be registered in India, hosted by Newfold Digital, a very large web hosting company.

BOQ (Bank of Queensland) customers should be wary of email’s claiming that there is a problem with their account. A new email phishing scam is being blocked by MailGuard, with the subject of ‘BOQ Account Closed’, it informs recipients that they have ‘1 New Message & Alert In Your Online Banking Account’.

Sent from ‘BOQ’, with a convincing ‘noreply(at)boq(dot)com(dot)au’ sender email address, customers could be forgiven for thinking that it may be authentic. To add to it’s credibility, the criminals behind the attack have also included the copyright information and Australian Credit License number for the bank.

A new Australia Post email phishing scam seeks to take advantage of the recent rush of deliveries over the Christmas and New Year break, and with many more Australians still isolating and reliant on online orders due to the continuing spectre of COVID19, they could easily fall prey for the scam. It advises recipients that a shipment is awaiting instructions, with a small fee of $1.99 (AUD) now due.

Sent from ‘Austpost’, the sender name is spoofing Australia Post with the actual sender address of ‘toolbox(at)registr(dot)com’, and an email subject reading, ‘Package pending status!’.

Scammers have mimicked one of Australia’s leading domain registrar and web hosting companies, Crazy Domains, in a phishing email currently being blocked by MailGuard. The fake renewal email targets vulnerable customers, mainly small businesses, who are told that they are at risk of having their account suspended if they do not update their credit card details, creating urgency for customers that need to ensure that their website is running, particularly during to the busy holiday period upon us.  

A phishing email, purporting to be from a medical imaging business, uses Microsoft branding to try and trick users into providing cybercriminals with their Outlook Web App email and password details. It appears both the email address and server, from two different businesses, have been compromised in this phishing attempt. Users are urged to remain cautious and check any unfamiliar emails twice before clicking on any links.  

In 2020, Australians lost over $850 million to scams. A new report by the Australian Competition & Consumer Commission found phishing was the most reported type of scam across the country, rising to “unprecedented levels” in comparison to 2019. “Phishing activity thrived during the pandemic. Over 44,000 reports were received, representing a 75% increase,” the report stated.  

Millions of Westpac online banking customers are being targeted in a phishing scam that aims to steal crucial details, including login and credit card information. With the holidays in sight, and many Australians’ relying on their online banking for purchases, paying bills, and checking their bank accounts, scammers have used emotive messaging to trick even the savviest user into thinking this may be a legitimate communication from Westpac.  

It’s one of the most contentious topics facing businesses and cybersecurity professionals at the moment: Should ransomware payments be illegal?

Microsoft Office 365 and Smartsheet users are cautioned to be aware of any email correspondence asking you to open and sign a ‘Confidential Commercial Credit’ agreement. This is a phishing attempt, that not only aims to steal sensitive login credentials, but potentially download malware, that could be incredibly damaging to networks. With millions of Smartsheet and Microsoft users worldwide, it is more than likely that innocent victims will fall prey to this phishing attempt, particularly since the scammers are using compromised email addresses to trick recipients, utilising trusted Microsoft branding elements and given the frequency of shared documents amongst time-poor workers. Therefore, recipients are warned to remain vigilant and refrain from downloading any suspicious or unexpected files.  

Parcel delivery scams are surging, with the latest phishing email being blocked by MailGuard impersonating leading international delivery service, DHL Express. Once again, cybercriminals are targeting the vulnerability of those urgently awaiting packages, particularly from overseas. There has been a rapid rise in parcel delivery scams in recent weeks, mimicking logistics providers such as DHL and Australia Post, with scammers no doubt making the most of the festive season to lure in unsuspecting victims.  

A nasty parcel delivery scam purporting to be from Australia Post is currently being blocked by MailGuard. With the festive season well and truly upon us, combined with the increase in parcel deliveries due to COVID related restrictions that are still in place nation-wide with customers eagerly awaiting packages, there is no shortage of phishing attempts by cybercriminals who are taking full advantage to steal sensitive credentials for follow-on criminal activity. It’s imperative that Australia Post customers remain vigilant upon receiving any communication pertaining to deliveries, especially one’s that you are not expecting.  

Microsoft customers are being targeted with a fraudulent ‘Spam Notification’ email advising them that a message has been quarantined by the ‘Security and Compliance Center’. In fact, this is a bid by cybercriminals to lure unsuspecting victims into providing them with sensitive Microsoft Office 365 credentials. The scam is unique in that it is mimicking Microsoft’s own email security safeguards, which could confuse users. This phishing attempt is being blocked by MailGuard.  

Optus customers need to be wary of a phishing email that may land in their inbox, claiming to offer a refund. A similar email, intercepted by MailGuard earlier in the month mimicking another popular telecommunications provider, uses the same messaging, offering victims a refund on their bill due to a system error.  

Microsoft 365 Business customers beware, there’s a phishing email currently circulating, purporting to be from Microsoft, with the subject line ‘Re: View Your Microsoft 365 Business Standard invoice’. Trusted by over 300 million customers worldwide, it’s common for scammers to spoof Microsoft to try to steal sensitive credentials from customers. Providing details such as your login email or password to your Microsoft Office 365 account means that cybercriminals can access your email, calendars, contacts and sensitive company information that can be used to design BEC scams, for identity fraud, or sold on the dark web, plus other criminal activity.