Emmanuel Marshall 17 November 2017 15:27:11 AEDT 9 MIN READ

GDPR + NDB: Tough Cybersecurity Laws - Weekly MailGuard Digest

 

It's been a non-stop week at MailGuard with multiple brandjacking, phishing and malware scams detected and blocked by our threat detection engines.

Our CEO, Craig McDonald, wrote an insightful article for the blog on Monday explaining the potential impact of the EU's new GDPR regime. Craig will be speaking at the Australian Institute of Management (AIM) Western Australia next week, discussing the challenges cybersecurity presents to business leaders.

As a 'thank you' to all our blog readers, we're giving away 6 signed copies of Craig McDonald's book: ‘Surviving the Rise of Cybercrime’. For details of the draw and how to win your copy, click here.

Here are the top stories from the blog this week:

Aldi, Bunnings, Amcal Brandjacked


This week MailGuard detected a run of phishing emails impersonating major retail brands including Aldi, Bunnings and Amcal. This sort of 'brandjacking' scam uses the power of major brands to entice users to click on malicious links.

Despite being simple HTML emails, they are well formatted and could easily be mistaken for the real thing by unsuspecting recipients.

We anticipate that this scam could trick a lot of people, so if you received a suspicious-looking email of this type, please refer to the full article on our blog, here...

Punitive New Fines Under the GDPR


On Monday, MailGuard CEO Craig McDonald published an article looking at the incoming GDPR regulations and what they will mean for business.

The EU's GDPR laws step up the pressure on companies to protect sensitive data effectively, bringing in harsh new penalties for organisations that allow data they are holding to become public or fall into criminal hands:

"In 2015, the Hilton hotel company suffered criminal-intent data breaches that exposed hundreds of thousands of customer credit card records. Last week the New York Attorney General gave Hilton a US$700k fine for the breach...In May 2018, the EU will introduce a new regulation; the ‘General Data Protection Rule.’ Under this new regime, any company doing business in the EU - or even just selling goods or services to EU citizens - will be subject to penalties up to 4% of their annual revenue...  under the new EU rules coming into effect Hilton would also potentially be facing a whopping US$420 million penalty from the EU..."

>> Read Craig McDonald's full article on the GDPR, here.


Australia's New Data-Security Regime


On Tuesday the MailGuard blog brought you a story about the incoming NDB scheme. As of February next year, Australian companies that trade in personal information or collect customer data will be required to notify individuals if their personal information is compromised. If a company fails to fulfil its new obligations as specified in the NDB scheme, there is provision for legal and financial penalties under the new legislation.

The new NDB rules will add extra weight to the EU’s GDPR regulations coming into effect next year. After February 2018, Australian companies forced to reveal data breaches under the NDB scheme may also face heavy fines from the EU...

>> Read the full article here.
 

A Very Costly Invoice...


Wednesday saw the appearance of a nasty email-borne attack using a link to a malware file disguised in a Word document.

This email is not a very well designed attack compared to some of the sophisticated scams we see here at MailGuard, but the interesting thing is that it demonstrates how easy it is for criminals to operate this sort of scam.

A simple email of this kind could be based on inexpensive malware, bought through a dark web portal, and run from a phone.

>> Get all the details, here.

Scammers Want Your Login Data


On Thursday, we detected a new phishing email pretending to be from telecommunications company Vocus.

The initial contact with the intended victim is an email which asks them to advise the payment status of an ‘attached invoice.’


The link provided in the email takes the victim to a fake Microsoft Office 365 login page where they are asked to enter their email and password.
This phishing email is an attempt by cybercriminals to harvest MS Office 365 login credentials. Once they have gained access to a victim's Office 365 account, criminals use it to send out yet more phishing emails.

>> For more information, read the full blog post, here.
 

Our CEO Craig McDonald is Speaking at AIM WA


On Tuesday (21 Nov) MailGuard's CEO Craig McDonald - author of ‘Surviving the Rise of Cybercrime’ - will be speaking at a leadership seminar hosted by the Australian Institute of Management Western Australia (AIM WA).

Craig will be speaking at the AIM seminar about the human and technical challenges business leaders face in confronting cybercrime.


Surviving the Rise of Cybercrime is a handbook for non-tech executives on how to handle the challenges of cybercrime and take steps to prevent the massive financial losses that cybercrime attacks inflict.

You can win an autographed copy of Craig's book. All you need to do is share >this post< on social media. We’ll be doing the prize draw on November 30 and notifying the winners via social private message. One share equals one entry in the draw:

>> Share on Twitter: click here.

>> Share to Facebook: click here.

>> Share on LinkedIn: click here.

>> More info: click here.

  

Have a Safe Weekend


For a few dollars per staff member per month, you can protect your business with MailGuard's cloud-based email and web filtering security.

Talk to an expert at MailGuard today: call 1300 30 44 30

Stay up-to-date on breaking scam news. Subscribe to MailGuard's free weekly updates by clicking on the button below:

Keep Informed with Weekly Updates