MailGuard Blog

Malicious files can masquerade in any form, and cybercriminals often take advantage of this fact when tricking innocent victims.

As cybercrime morphs and evolves in complexity, cybercriminals are increasingly mimicking well-known brands and trusted companies, brandjacking them in a bid to infect computer systems and to steal sensitive data.

Do not be too quick to click everything you see in your inbox. Cybercriminals circulated a malicious email in the form of a fraudulent purchase order on Tuesday afternoon.

MailGuard has identified 3 similar types of phishing emails making their way into inboxes on late Thursday morning.

Cybercriminals brandjacked Office 365 and sent bogus emails to recipients on Tuesday afternoon as part of a phishing attack.

The emails, seemingly sent from ‘Messages Portal Centre Messages Portal Centre’ trick recipients into thinking that their account has been put on hold until they ‘confirm activity’.

It encourages users to click on a View ‘Activity’ link that leads to a compromised website.

The website page opens to a fake Office 365 login page. Users are then instructed to enter their password on this page to proceed further.

The scam is a classic example of a phishing attack that cybercriminals launch in a bid to steal confidential passwords from recipients. 

How to avoid getting scammed

Phishing attacks can be enormously costly and destructive and new scams are appearing every day. Don’t wait until it happens to your business; take action to protect your company, now.

Always hover your mouse over links within emails and check the domain they’re pointing to. If they look suspicious or unfamiliar don’t open them.

9 out of 10 cyber-attacks are delivered via email, so it's essential to have the best filtering service available. 

Don’t be fooled if you receive an email citing an electricity bill from AGL – you may end up paying more than just the bill.

AAMI Insurance is the latest company to be brandjacked by cybercriminals in a series of email scams compromising MailChimp accounts.

Cybercriminals have now brandjacked Mancer Corp Pty Ltd. and are sending malicious links via multiple compromised MailChimp accounts.

This morning MailGuard is blocking a large run of emails purporting to come from a company named ‘PP Sign Management.'

Keep an eye out for the latest DocuSign email scam that was circulating Wednesday (AEST). Masquerading as a credit application, the subjects generally relate to a ‘Credit Card Application’ or a ‘Loan Application.’

Popular coffee brand, FiveSenses, is the subject of the latest email scam. In yet another example of how cybercriminals attempt to brandjack trusted, well-known and familiar brands, the email includes a ‘Payment Advice’ in an attempt to trick coffee lovers, restaurant and café owners to investigate further.  

Tell your teams to be careful clicking on any parcel delivery emails this afternoon. MailGuard is blocking a FedEx TNT email scam with a subject line that reads ‘Unable to locate you.’