MailGuard Blog

"Raise the topic of cybersecurity with any board of directors. They would all probably agree it’s a very important issue, but it’s rare that they would all agree what to do about it. Just asking a few pointed questions can create a lot of energy:
How well prepared are you for a sophisticated cyber attack this afternoon?”

The latest report released by the FBI’s internet crime division - IC3 - reveals that email-based social engineering attacks were the most commonly reported cybercrime category in 2017.

IC3 received 300,000 complaints in 2017, representing estimated losses of more than US$1.4 billion.

On average, 2 Australian companies are being hit by data breach incidents every day, says the first report produced by the newly enacted Notifiable Data Breach (NDB) Scheme.

Of those incidents, nearly half were the result of criminal attacks and the majority were directed at professional services companies in the health, finance and legal sectors.

In the latest example of brandjacking, this evening we are seeing a run of phishing emails impersonating major retail brands. The criminal emails are leveraging several different compromised MailChimp accounts to bypass traditional email scanning software, and then using the power of major household name brands to entice users to click.

In a very large scale and ongoing email scam, cybercriminals are yet again impersonating accounting firm MYOB, delivering a fraudulent DocuSign supply order to inboxes. This is the second ‘brandjacking’ in the space of the last week for MYOB, with a similar invoice scam impersonating the leading accounting software last Tuesday.

In a cyber-attack that is still ongoing, cyber criminals are mimicking leading accounting software brand MYOB, delivering fake invoices to unsuspecting email recipients. The large-scale attack was first blocked by MailGuard early on Tuesday AEST.

Frequently targeted ASIC and CBA have again been impersonated in new email scams circulating from this morning (AEDT). These scams are particularly deceitful as they are so well-crafted, with no grammatical errors and on-brand formatting.

The ATO and MYOB, regular victims of brand-jacking by cybercriminals, have again been targeted today in large-scale email campaigns. The first ATO-branded email was detected at 8.22am AEST, and the MYOB-branded email at 8.50am AEST. MailGuard has blocked 100% of these emails, and as both attacks are ongoing, we are monitoring for variants.

Warn your teams to be careful about clicking on any strange emails when they get to their desks this morning. Starting at 6:00pm and 6:19pm respectively, two new email scam from eFax Corporate and Virgin Media, were arriving in Australian inboxes last night. MailGuard successfully blocked the scams, with the last messages ceasing at 10:02pm and 10:56pm.

The barrage of criminal intent email campaigns masquerading as popular SMB and consumer brands Telstra and Xero continues today. The very large-scale attacks were detected from 9.03am AEST September 26, and are ongoing. Whilst 100% of these emails were blocked by MailGuard, we are monitoring for variants.

Two very large phishing campaigns are landing in business inboxes this morning. First stopped by MailGuard just before 9:00AM AEST, the scams are impersonating Telstra and Brisbane eToll operator go via.

Forever popular with cybercriminals, this week has seen a series of email scams going directly for the money-jar. Leveraging major accounting software brands that are popular with the SMB segment – like MYOB, Xero and Sage – the cybercrime networks may be chasing smaller businesses who don’t have dedicated infosec or IT help to defend against scams.

Look out today for a sophisticated DVD phishing scam using a compromised MailChimp account to deliver malicious code. The email from ‘DVDs Manager’ is framed as an ’Order confirmation.’

Cybercriminals are targeting Australian business inboxes with a very large run of scam emails today, purporting to be from ‘ASIC Messaging Service.’

A succession of small to very large phishing campaigns impersonating major Australian brands Telstra, the ATO (Australian Taxation Office) and Queensland tolling payments provider GoVia, have been blocked by MailGuard in the past 24-hours.