MailGuard Blog

As cybercrime morphs and evolves in complexity, cybercriminals are increasingly mimicking well-known brands and trusted companies, brandjacking them in a bid to infect computer systems and to steal sensitive data.

Do not be too quick to click everything you see in your inbox. Cybercriminals circulated a malicious email in the form of a fraudulent purchase order on Tuesday afternoon.

Think twice before providing any confidential information online – even if it is supposedly to government authorities. A well-executed and elaborate phishing scam is currently hitting inboxes, purporting to have come from MyGov and the Australian Government.

MailGuard has identified 3 similar types of phishing emails making their way into inboxes on late Thursday morning.

Cybercriminals brandjacked Office 365 and sent bogus emails to recipients on Tuesday afternoon as part of a phishing attack.

The emails, seemingly sent from ‘Messages Portal Centre Messages Portal Centre’ trick recipients into thinking that their account has been put on hold until they ‘confirm activity’.

It encourages users to click on a View ‘Activity’ link that leads to a compromised website.

The website page opens to a fake Office 365 login page. Users are then instructed to enter their password on this page to proceed further.

The scam is a classic example of a phishing attack that cybercriminals launch in a bid to steal confidential passwords from recipients. 

How to avoid getting scammed

Phishing attacks can be enormously costly and destructive and new scams are appearing every day. Don’t wait until it happens to your business; take action to protect your company, now.

Always hover your mouse over links within emails and check the domain they’re pointing to. If they look suspicious or unfamiliar don’t open them.

9 out of 10 cyber-attacks are delivered via email, so it's essential to have the best filtering service available. 

Don’t be fooled if you receive an email citing an electricity bill from AGL – you may end up paying more than just the bill.

AAMI Insurance is the latest company to be brandjacked by cybercriminals in a series of email scams compromising MailChimp accounts.

Cybercriminals have now brandjacked Mancer Corp Pty Ltd. and are sending malicious links via multiple compromised MailChimp accounts.

The latest email phishing scam impersonating Microsoft Office 365 arrived in inboxes late Tuesday afternoon. Masquerading as an email from the "Support Team" the scam is actually sent by multiple malicious senders. It links to a phishing website designed to trick users into entering their email password.

This morning MailGuard is blocking a large run of emails purporting to come from a company named ‘PP Sign Management.'

Keep an eye out for the latest DocuSign email scam that was circulating Wednesday (AEST). Masquerading as a credit application, the subjects generally relate to a ‘Credit Card Application’ or a ‘Loan Application.’

Popular coffee brand, FiveSenses, is the subject of the latest email scam. In yet another example of how cybercriminals attempt to brandjack trusted, well-known and familiar brands, the email includes a ‘Payment Advice’ in an attempt to trick coffee lovers, restaurant and café owners to investigate further.  

What is cybersecurity?
If you walked around your office and asked people that question, what sort of answers do you think, you’d get?

Tell your teams to be careful clicking on any parcel delivery emails this afternoon. MailGuard is blocking a FedEx TNT email scam with a subject line that reads ‘Unable to locate you.’

Careful not to click through on the latest email phishing scam impersonating Microsoft Office 365 today. The first run of the attack began hitting email inboxes between 8-10am AEST Friday.