MailGuard Blog

Artificial Intelligence (AI) and machine learning are currently hot property, on the wish and hit lists of just about every company on the planet.

Another day, another red-faced exec wondering how his company just managed to get scammed out of thousands of dollars. Embarrassing? Yes. Uncommon? No.

It’s officially silly (shopping) season. Inboxes around the world are starting to fill up with crazy hot sales, festive deals, and year-end promotions.

Shady and shifty or just another regular Jo? Much like Ted Bundy was considered a charismatic guy, you can never be too sure of the biggest personnel threats to your organisation. Don’t we always see in the news that it’s Susan the lovely office manager who seems to be the one channeling company funds into her own accounts? 

“How did I fall for that?”

Malicious files can masquerade in any form, and cybercriminals often take advantage of this fact when tricking innocent victims.

Released last week, Gemalto’s Breach Level Index found that over 4.5 billion data records were breached in the first half of this year - up 1,751% from the same time last year. That translates to 291 data records being breached per second in the first half of 2018.

As cybercrime morphs and evolves in complexity, cybercriminals are increasingly mimicking well-known brands and trusted companies, brandjacking them in a bid to infect computer systems and to steal sensitive data.

Do not be too quick to click everything you see in your inbox. Cybercriminals circulated a malicious email in the form of a fraudulent purchase order on Tuesday afternoon.

Think twice before providing any confidential information online – even if it is supposedly to government authorities. A well-executed and elaborate phishing scam is currently hitting inboxes, purporting to have come from MyGov and the Australian Government.

MailGuard has identified 3 similar types of phishing emails making their way into inboxes on late Thursday morning.

Cybercriminals brandjacked Office 365 and sent bogus emails to recipients on Tuesday afternoon as part of a phishing attack.

The emails, seemingly sent from ‘Messages Portal Centre Messages Portal Centre’ trick recipients into thinking that their account has been put on hold until they ‘confirm activity’.

It encourages users to click on a View ‘Activity’ link that leads to a compromised website.

The website page opens to a fake Office 365 login page. Users are then instructed to enter their password on this page to proceed further.

The scam is a classic example of a phishing attack that cybercriminals launch in a bid to steal confidential passwords from recipients. 

How to avoid getting scammed

Phishing attacks can be enormously costly and destructive and new scams are appearing every day. Don’t wait until it happens to your business; take action to protect your company, now.

Always hover your mouse over links within emails and check the domain they’re pointing to. If they look suspicious or unfamiliar don’t open them.

9 out of 10 cyber-attacks are delivered via email, so it's essential to have the best filtering service available. 

Don’t be fooled if you receive an email citing an electricity bill from AGL – you may end up paying more than just the bill.

AAMI Insurance is the latest company to be brandjacked by cybercriminals in a series of email scams compromising MailChimp accounts.

Cybercriminals have now brandjacked Mancer Corp Pty Ltd. and are sending malicious links via multiple compromised MailChimp accounts.