Phoney Proposal: Multiple Trusted Names Used in Recent Phishing Attack

Posted by MailGuard on 03 August 2021 13:51:56 AEST

Once again, an elaborate phishing scam is the weapon of choice for cybercriminals aiming to take advantage of the weakest link in the security landscape – human beings. A recent attack has taken inspiration from history by using ‘Project Zebra’, the name given to the top-secret mission between Stalin and Roosevelt (with the aim of flying a state-of-the-art amphibious warplane) as the subject of a malicious email impersonating an employee at international engineering, design and advisory firm ‘Aurecon’. The email currently intercepted by MailGuard uses a direct interaction phishing tactic designed to entice the victim into accepting a job proposal by creating a highly personalised email from an unsuspecting Aurecon employee. It is possible that these details have either been found publicly or from a leaked database.  

Read More

To Pay a Ransom? The Debate Rages On

Posted by MailGuard on 02 August 2021 16:53:33 AEST

As I write this, the threat of Ransomware is rapidly on the rise. So much so that the Australian Federal Police has formed a task force - Operation Orcus - following in the footsteps of the US Government, in an attempt to combat the specialised criminal infrastructure that is wreaking havoc across large scale organisations here and globally. High profile victims such as Nine Entertainment, JBS and Uniting Care, along with the recent Kaseya interception have been making headlines and may continue to do so without superior intelligence targeting organised crime groups.  

Read More

Double Whammy: The Latest Phishing Scam Uses your ‘IT Support’ team to Install Malware

Posted by MailGuard on 29 July 2021 13:39:42 AEST

The latest phishing alert sees scammers impersonate the IT department of the targeted organisation in an attempt to steal email credentials and install a malicious file onto the victim’s computer.  Attackers have interestingly used a fake email address from American multi-national and shipping services company FedEx as the trusted name to lure victims into providing their details.  

A notable characteristic of this attack is the scammer's ability to use the name of your company or organisation in order to facilitate the phishing attempt. By purporting to be the victims internal IT services, the email advises the receiver that they have been ‘deactivated’ from a service (actual service not specified) by not having updated their email address. The rectification for this is via downloading the attachment that will apparently assist in updating this information. The wording and instruction in this email, if not looked at closely, attempts to mislead the victim into thinking that their online capability may be deactivated if the instructions are not followed. An easy trap for those who cannot afford to not have access to their company’s internal tech systems (which is usually the whole organisation).  

Read More

Worth A Double-Take: False Email Quarantine Alerts from ‘Outlook’

Posted by MailGuard on 27 July 2021 14:54:10 AEST

This recent email attack threatens to steal user login credentials masquerading as trusted Microsoft email web app, Outlook. With over 400 million Outlook users globally, there is a good chance that you and your organisation are at risk of data theft.  

A fraudulent quarantine alert is the bait used for a recent email phishing scam currently being intercepted by MailGuard. Cybercriminals have used Outlook branding to trick unsuspecting recipients into entering their credentials (email username and password) for use in future criminal activity.  

The email arrives as an alert informing the victim of several emails whose delivery has been prevented due to system errors. After which, a link is provided to coerce the victim into reviewing the falsely quarantined emails. Recipients may be tricked into believing that the email is from the ‘Notifications Team’ however it appears to have come from a compromised Office 365 Account.  

Read More

Nigerian Prince scams are still making millions for criminals

Posted by Emmanuel Marshall on 05 June 2018 11:51:27 AEST


Dear admired friend,

It is my solemn duty to inform you of the passing of your distant relative Mr Mohammed Abacha, a respected member of the Nigerian aristocracy.

Read More

Whaling, CEO Fraud, Business Email Compromise… Targeted spear phishing attacks continue to trouble business

Posted by Annamaria Montagnese on 15 July 2016 17:03:54 AEST

The attacks can take many names, from CEO Fraud, to Whaling and Business Email Compromise. Whichever name you choose, spear phishing attacks impersonating influential executives continue to be a big problem for businesses of all sizes.

Read More

CyberCrime Network Behind AGL Targets Australia Post with New Cerber Ransomware Scam

Posted by Annamaria Montagnese on 11 July 2016 17:23:22 AEST

In a new email scam breaking early Monday, the same cybercrime network behind the recent AGL attacks appear to have moved their focus to Australia Post. The email claims that a package was unable to be delivered because nobody was home, and asks recipients to click a link.

Read More

Dropbox Scam: New Phishing Attack

Posted by Richard Price on 04 March 2016 15:22:27 AEDT

A new Dropbox phishing scam emerged last night, with cyber criminals trying to hack the recipient’s email account by harvesting credentials from a fake Dropbox form.

Read More

New sham Apple phishing scam bites

Posted by Richard Price on 18 February 2016 10:00:08 AEDT

A new sham Apple phishing scam has emerged, which uses a range of tactics to fool users into surrendering personal information including their account and credit card details.

Read More

New fake Citibank phishing scam sees cyber criminals up their game

Posted by Richard Price on 11 February 2016 11:32:48 AEDT

A new fake Citibank phishing scam using advanced techniques to manipulate users into surrendering online banking access has emerged.

Read More

Beware: another fake Dropbox phishing scam

Posted by Richard Price on 04 February 2016 10:23:44 AEDT

A new fake Dropbox phishing scam targeting users of the online sharing and storage platform is currently in circulation.

Read More

How to Strengthen Your Office 365 Security Against Spam and Malware

Posted by Richard Price on 29 December 2015 10:21:09 AEDT

If you’ve made the move to Office 365 as your hosted email solution, your email is likely to be filtered using its Exchange Online Protection (EOP), which works to intercept and remove malicious content before it reaches your inbox.

Read More

Office 365 Security Features - The Pros and Cons for Businesses

Posted by Richard Price on 18 December 2015 14:59:24 AEDT

The features and benefits of Office 365 are undeniable, allowing business owners and employees to access email and data from anywhere in the world via the cloud.

However, organisations transferring their operations to the cloud face a number of security implications - in particular, data access and defence against cyber threats like spam and malware.

Fortunately Office 365 features a range of security benefits, shown below, which help to mitigate risk.

 

Read More

Account Verification Hoax Email Phishing Scams Targeting PayPal Customers

Posted by Daniel Graziano on 12 October 2015 16:31:15 AEDT

MailGuard have identified and successfully blocked a recent run of email phishing attacks purporting to be from PayPal targeting PayPal users.

Read More

Sophisticated 0-Day Westpac Email Scam Targeting Australian Customers

Posted by Daniel Graziano on 09 October 2015 15:30:00 AEDT

MailGuard have identified and successfully blocked another variation of an email phishing scam currently being circulated by cyber criminals impersonating Westpac.

Read More

Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.

Remember:

  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Subscribe to email updates

Recent Posts

Posts by Topic

see all