Latest Phishing Threat Casts Net Over CBA Customers

Posted by MailGuard on 05 August 2021 16:06:50 AEST

Commonwealth NetBanking Clients are the most recent targets of a phishing scam intercepted by MailGuard. Cybercriminals have targeted the NetBank customers of Australia’s largest financial services institution with almost 16 million prospective victims.  

Purporting to be from the Customer Advocacy department of CBA, the phishing attempt aims to secure important identity credentials including the victims full name, date of birth, zip code and contact phone number along with login information for criminal harvesting, which if successful, can lead to a severe negative financial impact for the unsuspecting victim.  

The scammers journey begins with a simple HTML email from customeradvocate@cba.com.au, falsely alerting the unassuming NetBank user of a security warning stemming from an unauthorised login attempt. Spiking the victim’s fear of being locked out of their banking account, the scammer advises the user that their NetBank is locked, luring them into clicking on the phishing link or “More Details” button in order to restore access. In this case, both the subject matter of the email and content has been purposefully crafted to create an urgency for the victim to enter their credentials.  

The user is then taken to the first phishing page below which is hosteby  LinkTree. Upon closeexamination of the web link, a spelling error in “Australia” hints that it may be a scam. 

 

Read More

Creatives Beware: File Sharing Service WeTransfer used in Fresh Phishing Scam

Posted by MailGuard on 05 August 2021 15:25:49 AEST

Imitation is certainly not an appreciated form of flattery for popular file sharing service WeTransfer when it comes to malicious activity. The cloud-based online platform is the latest name being used in a phishing scam aimed at securing credentials from its (some) 70 million users, in 190 countries worldwide. WeTransfer, known for its convenience in allowing users to transfer various files to other users on the internet, has been targeted to deliver malicious files to victims. MailGuard has intercepted this phishing attempt.  

Read More

To Pay a Ransom? The Debate Rages On

Posted by Craig McDonald on 02 August 2021 16:53:33 AEST

As I write this, the threat of Ransomware is rapidly on the rise. So much so that the Australian Federal Police has formed a task force - Operation Orcus - following in the footsteps of the US Government, in an attempt to combat the specialised criminal infrastructure that is wreaking havoc across large scale organisations here and globally. High profile victims such as Nine Entertainment, JBS and Uniting Care, along with the recent Kaseya interception have been making headlines and may continue to do so without superior intelligence targeting organised crime groups.  

Read More

The anatomy of a phishing email scam: How social engineering techniques trick users

Posted by Craig McDonald on 17 June 2021 16:19:05 AEST

A personalised and targeted email, an opportune offer and the impersonation of multiple brands – some of the techniques employed by cybercriminals in a phishing email scam that resulted in a property buyer losing thousands of dollars as part of a ‘deposit’, supposedly for his new apartment.

Read More

“The worst year ever”: 5 lessons on ransomware from 2020

Posted by MailGuard on 04 June 2021 11:31:03 AEST

“By any measure, 2020 was the worst year ever when it comes to ransomware and related extortion events. And if we don’t break the back of this cycle, a problem that’s already bad is going to get worse.”

- Acting Deputy Attorney General John Carlin, the United States Department of Justice (DOJ), April 2021

Read More

Ransomware: To pay or not to pay? 5 factors to consider

Posted by Craig McDonald on 28 May 2021 09:00:41 AEST

Your business data is being held hostage, encrypted with only your attackers holding the keys. So, do you pay up the ransom, or try to recover without handing over company profits to cybercriminals?

Read More

“Prevention is really important”: The ACCC urges businesses to be wary of business email compromise scams

Posted by MailGuard on 30 April 2021 13:07:45 AEST

Business email compromise (BEC) scams have been around for a while, but their continued success at bringing down organisations (both large & small) shows we’re dealing with an adversary that is constantly looking for ways to exploit our systems, our psychology & our trust.  

Read More

MFA: Identity is the “new security perimeter”

Posted by MailGuard on 30 April 2021 12:53:36 AEST

It’s integral that businesses proactively take steps to enhance identity-related security measures like MFA because since the COVID-19 pandemic, “identity has become the new security perimeter” according to many experts, including Microsoft. 

Read More

The U.S. tax season has begun — and so has hunting season for scammers. Watch out for these 3 types of email scams.

Posted by MailGuard on 23 April 2021 11:48:55 AEST

The tax season has always been a busy one for scammers, but the ongoing uncertainty triggered by COVID-19 last year enabled them to augment their attacks and take further advantage of the fragile mental state of taxpayers and professionals – essentially, presenting scammers with an opportunity to use an enhanced sort of psychological warfare.

Read More

The dreaded 3am phone call: Lessons from the cyber-attack on Nine Entertainment Co.

Posted by Craig McDonald on 13 April 2021 09:31:14 AEST

It’s been called the “largest cyber-attack on a media company in Australia's history," something that has never been seen before in the country. 

Read More

Cyber-attacks targeting Australia’s critical infrastructure are proliferating. Is your business protected?

Posted by MailGuard on 26 March 2021 13:00:51 AEDT

PwC survey released at the end of 2020 highlighted fears of growing cyber-attacks targeting local critical infrastructure. Australian business leaders said that they were expecting more cyber-attacks in the next 12 months than their global peers, including 56% of local executives who anticipated attacks on the nation's critical infrastructure which could shut down vital services such as hospitals.”  

Read More

Almost 70% of ANZ businesses plan to increase cybersecurity spending in 2021. Here's how to get the best bang for your buck

Posted by MailGuard on 26 March 2021 12:50:49 AEDT

Cybersecurity was a significant catalyst in facilitating productive remote work and ensuring business continuity in 2020. 

Read More

Cybersecurity in 2021: Trusting in Zero Trust

Posted by Craig McDonald on 23 March 2021 16:17:11 AEDT

Commenting on paradigm shifts in cybersecurity in 2020, Ann Johnson, Corporate Vice President, SCI Business Development at Microsoft wrote: 

“As we look past the pandemic to a time when workforces and budgets rebound, Zero Trust will become the biggest area of investment for cybersecurity. This means, that right now, every one of us is on a Zero Trust journey—whether we know it, or not.” 

Read More

eBook: 10 cyber-attacks that made headlines in 2020

Posted by MailGuard on 05 March 2021 13:47:06 AEDT

Against the backdrop of a global pandemic, and with more businesses operating remotely, the global scourge of cybercrime became even more calamitous in 2020.

Read More

First Blackbaud, then SolarWinds. Supply chain cyber-attacks are proliferating – how secure is your business?

Posted by Craig McDonald on 25 February 2021 11:43:59 AEDT

In the final weeks of 2020, news of the SolarWinds hack broke – a cyber-attack that has been dubbed as “the Pearl Harbor of American IT”.   

Read More

Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.

Remember:

  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Subscribe to email updates

Recent Posts

Posts by Topic

see all