MailGuard Editor 30 May 2015 02:04:00 AEST 5 MIN READ

Top 3 Reasons Your AV Isn’t Stopping Fastbreak Phishing And Other Spam Attacks Like Cryptolocker

Let’s get real for a moment. Your antivirus software isn’t stopping fastbreak phishing and other spam attacks like Cryptolocker.

Many Australian businesses rely on desktop antivirus software and security appliances to protect them from email that contains nasty malware. Some are adding cloud security services to the mix in an effort to bolster their defences.

IT managers may feel this is enough to protect the business, but if the business is still receiving fastbreak phishing and other spam containing malware such as Cryptolocker, they need to reassess their defences.

MailGuard CEO Craig McDonald says "Cyber criminals use a variety of methods to infiltrate businesses. Phishing scams – emails that look legitimate but bait recipients - use deception and social engineering to trick users."

These emails, text messages or website links may appear to originate from companies that the victim may know.

Phishing affects businesses by stealing personal information such as usernames, passwords and credit card details.

Malware includes computer viruses, worms, ransomware and Trojan horses that are specifically designed to disrupt, damage or gain control of a computer system or its data.

Fastbreak, or zero-day, spam is a major problem for businesses. A zero-day threat is a previously unseen malware variant that antivirus software vendors do not yet have defences against.

What is Cryptolocker?

Cryptolocker and Cryptowall are types of ransomware that typically enter through a phishing email. The recipient is then tricked into clicking a link within the email.

The link takes someone to a forgery of a legitimate web service and tricks the user into downloading damaging applications such as Cryptolocker. Once executed, Cryptolocker then encrypts and locks individual files before demanding a ransom in order to have files decrypted.

Here are some examples of recent Cryptolocker zero-day email scams which have successfully tricked thousands of users into downloading ransomware:

The Australian Federal Police Are The Latest Target In Another Cryptolocker Scam

It is the responsibility of the Australian Federal Police (AFP) to protect us from crime. How ironic that in the latest fastbreak Cryptolocker email scam, cyber criminals have adopted the identity of the AFP and are using it to trick unsuspecting recipients into paying them money. (Read more here…)

Russian Cyber Criminals Target Australians Again With Cryptolocker Virus

Just when you thought it was over! Cyber gangs based in Russia are targeting Australians again after a couple of months of peace for us down under. These criminals have most recently been focusing on the USA and Europe. (Read more here…)

Antivirus software isn’t entirely effective at blocking spam containing malware such as Cryptolocker. While malware attached to an email can usually be stopped effectively using standard antivirus software, it’s less effective at blocking spam that directs the user to a malicious website using a link.

Let’s take a closer look at the 3 core reasons why businesses are still receiving fastbreak spam containing phishing and other malware such as Cryptolocker.

1. Cyber Criminals Have Access To The Same Defences You Do

Antivirus software can stop spam and defend against spam containing malware. However, it works by comparing the malware to previously seen or known malware. Cyber criminals know this. They are using the same tools to test whether their new spam or malware variant can penetrate antivirus software defences.

Although AV vendors try to respond as quickly as possible to new variants, hundreds if not thousands of scam emails containing malware or links to malware make their way into inboxes around the globe.

2. AV Can’t Keep Up With The Window Of Time Vulnerability

As an IT manager, you are responsible for keeping your antivirus software constantly updated to give the business the greatest chance of being protected from cyber attacks. But there is a window of time from when a new variant is detected, to when the AV vendor discovers it and releases an update that is deployed to the end user.

During this window, the business can be vulnerable to a fastbreak malware or phishing attack.

By implementing cloud antivirus protection such as email and web filtering, businesses have access to security software that is updated automatically and in real time. This closes the time window of vulnerability and removes the burden of updating software. This is why security software vendors are continuing to acquire cloud security firms to augment or complement their software and security appliances.

MailGuard Fastbreak Zero Day Timeline

3. AV Vendors Are Limited To Their Own IP

Businesses understand the risks from fastbreak spam containing zero-day malware so many employ both on-premise and cloud protection for their network security. If the cloud security solution is delivered by the same vendor as the on-premise security, your business is relying on the intelligence of one company to identify and protect against the new fastbreak variant.

Cloud and Desktop with Same AV Vendor crossed out

Working with just one vendor makes security weaker than using two or more independent vendors. Today’s threat landscape means you need to defend against motivated and resourceful adversaries that have access to the same defensive tools and strategies you have. But a multipronged solution that takes advantage of the cloud, where software is constantly updated, and employs several different security tools can overcome these adversaries.

Australian businesses face different threats to overseas businesses. Vendors that focus on attacks targeted at Australian businesses are more successful at blocking these targeted threats. Many overseas security software vendors consider the Australian market too small to focus on. However, criminals are specifically targeting Australia and Australian business clients.


Give Your Business A Fighting Chance

Specialist cloud security vendors should come with a team of dedicated cloud security experts who scour the net constantly, seeking out and blocking new threats as they emerge, rather than relying on technology scanning alone.

It may be difficult to outsmart cyber criminals but by complementing your antivirus with cloud, or layering specialised services that are much faster at detecting fastbreak scams, you can give your business a head start against cyber criminals.

If you would like to discuss the ways you can significantly decrease the risk from fastbreak phishing and other spam containing malware affecting your business, you can book a FREE consultation with a MailGuard cloud security expert by emailing

