MailGuard Blog

MailGuard has intercepted the email shown above, which purports to be from a company in the UAE called Naffco.

The image many businesspeople have of cybercrime is a teenager with a grubby hoody hunched over a laptop hammering code into a flickering screen that’s like something out of The Matrix. The imaginary teen finds a backdoor into a bank’s server admin page, and typing like fury beats the computer in a showdown of quick-draw typing.

MailGuard has detected a new email-based cyber-attack (shown above) telling the recipient they have been sent an invoice by an accountant.

“React promptly to download the invoice,” the deceptive message advises.

Clicking on the link takes the victim of this scam to a malicious website containing a hidden malware payload.

When you consider how central email is to daily business operations, it’s not surprising, that it’s become the most damaging weapon in the cybercrime arsenal.
Every business still relies on email to do the majority of their daily communication. Everything from stationery orders to corporate mergers is organised and negotiated through the humble inbox.

The United States Department of Homeland Security (DHS) has just announced a new division specifically to handle cyber threats against critical infrastructure. The National Risk Management Center will manage cross-sector responses to cyber-threats against vital US assets like the recently exposed attacks against the US power grid.

“As a small business, we find it challenging to identify threats and have measures in place to mitigate them with very limited time/resource.”

“I find the board’s posture is too relaxed, suggesting lack of acute awareness of the real risks.”

“Lack of concern and awareness around the risk and consequence. Directors and management are more concerned about accessibility than protection (until an event occurs, that is...)”

The mammoth risks posed by a cybersecurity breach means leaders need to tackle the growing threat at board level, according to Australia’s Prime Minister.

 Australian expertise can help solve global cybersecurity headaches, Prime Minister Malcolm Turnbull has told a US cybersecurity forum.

The compromised email account of an Australian university staff member has been used by cybercriminals to distribute malware in a new phishing scam discovered by MailGuard today.

New phishing and malware attacks today targeting Office 365, Xero and DropBox users have emphasised a growing trend of brand exploitation.

A brazen new PayPal phishing email attempts to steal a range of private information including ATM pins and credit card details.

 Accountants and bookkeepers have been the target of high-volume phishing attacks in the past week.

 A new Google Drive phishing scam email hitting inboxes today uses a compromised account to try to trick recipients into clicking an email from a familiar name.

 A major cloud-accounting provider is being impersonated in a malicious new email scam.

 Scam emails leveraging the familiar brand of cloud accounting company Xero have delivered malware to inboxes across Australia, New Zealand and beyond.