DHL Scam: Take-Two Before Clicking on Your Next Parcel Delivery Notification

Posted by MailGuard on 20 August 2021 08:13:27 AEST

Another day, another fraudulent package notification vying for your attention. DHL is the focus of the latest phishing scam being intercepted by MailGuard. With the subject reading ‘Your package is stopped in one of our stations’, the email claims that a small fee needs to be processed in order to have the package released.

Read More

Accounts Not Payable: Unpatched WordPress Site and DocuSign Fake Email

Posted by MailGuard on 12 August 2021 17:09:47 AEST

DocuSign seems to be winning the popularity contest amongst cybercriminals as MailGuard intercepts a second phishing scam imitating the global electronic agreement provider in just a matter of days. The scam emails appear to come from a compromised account belonging to a U.S. immigration law firm, as recipients are presented with an email purporting to be from the Accounts Department notifying the victim of an ‘EFT confirmation’ in .pdf format. Other trusted names such as Office 365, Gmail and AOL have been impersonated in the process.  

Read More

Healthcare Provider Compromised as Scammers Mimic DocuSign, Microsoft and Adobe

Posted by MailGuard on 10 August 2021 16:23:40 AEST

MailGuard has intercepted an email attack that uses multiple trusted brand names to fool victims into providing their sensitive information for credential harvesting. DocuSign, with hundreds of millions of users worldwide, is a household name with businesses and organizations using the tool for electronic signatures and agreements. Purporting to be from a prominent healthcare provider a DocuSign link is sent to recipients, in an attempt to capture email and login addresses and to potentially download malware. Other trusted names such as Adobe, Microsoft and IBM have been spoofed using accurately depicted branding and logos to catch victims off guard.  

Read More

Latest Phishing Threat Casts Net Over CBA Customers

Posted by MailGuard on 05 August 2021 16:06:50 AEST

Commonwealth NetBanking Clients are the most recent targets of a phishing scam intercepted by MailGuard. Cybercriminals have targeted the NetBank customers of Australia’s largest financial services institution with almost 16 million prospective victims.  

Purporting to be from the Customer Advocacy department of CBA, the phishing attempt aims to secure important identity credentials including the victims full name, date of birth, zip code and contact phone number along with login information for criminal harvesting, which if successful, can lead to a severe negative financial impact for the unsuspecting victim.  

The scammers journey begins with a simple HTML email from customeradvocate@cba.com.au, falsely alerting the unassuming NetBank user of a security warning stemming from an unauthorised login attempt. Spiking the victim’s fear of being locked out of their banking account, the scammer advises the user that their NetBank is locked, luring them into clicking on the phishing link or “More Details” button in order to restore access. In this case, both the subject matter of the email and content has been purposefully crafted to create an urgency for the victim to enter their credentials.  

The user is then taken to the first phishing page below which is hosteby  LinkTree. Upon closeexamination of the web link, a spelling error in “Australia” hints that it may be a scam. 

 

Read More

Creatives Beware: File Sharing Service WeTransfer used in Fresh Phishing Scam

Posted by MailGuard on 05 August 2021 15:25:49 AEST

Imitation is certainly not an appreciated form of flattery for popular file sharing service WeTransfer when it comes to malicious activity. The cloud-based online platform is the latest name being used in a phishing scam aimed at securing credentials from its (some) 70 million users, in 190 countries worldwide. WeTransfer, known for its convenience in allowing users to transfer various files to other users on the internet, has been targeted to deliver malicious files to victims. MailGuard has intercepted this phishing attempt.  

Read More

Double Whammy: The Latest Phishing Scam Uses your ‘IT Support’ team to Install Malware

Posted by MailGuard on 29 July 2021 13:39:42 AEST

The latest phishing alert sees scammers impersonate the IT department of the targeted organisation in an attempt to steal email credentials and install a malicious file onto the victim’s computer.  Attackers have interestingly used a fake email address from American multi-national and shipping services company FedEx as the trusted name to lure victims into providing their details.  

A notable characteristic of this attack is the scammer's ability to use the name of your company or organisation in order to facilitate the phishing attempt. By purporting to be the victims internal IT services, the email advises the receiver that they have been ‘deactivated’ from a service (actual service not specified) by not having updated their email address. The rectification for this is via downloading the attachment that will apparently assist in updating this information. The wording and instruction in this email, if not looked at closely, attempts to mislead the victim into thinking that their online capability may be deactivated if the instructions are not followed. An easy trap for those who cannot afford to not have access to their company’s internal tech systems (which is usually the whole organisation).  

Read More

E-Toll Account statements are linking to malicious downloads

Posted by Akankasha Dewan on 12 October 2018 11:19:04 AEDT

NSW Roads and Maritime Services becomes another victim of brandjacking by cybercriminals. 2 variants of hoax emails supposedly sent by the government agency arrived in inboxes yesterday.

Read More

Beware of fraudulent eTicket email scam

Posted by Daniel McShanag on 26 September 2018 16:20:09 AEST

In the biggest week of football finals, and coinciding with a surge in upcoming seasonal events, comes the latest email scam that invites recipients to ‘Download and Print Your eTickets.’

Read More

"Naffco" email carries malware link

Posted by MailGuard Editor on 28 August 2018 12:44:44 AEST

MailGuard has intercepted the email shown above, which purports to be from a company in the UAE called Naffco.

Read More

Watch out for fake “accountant” notification emails

Posted by Emmanuel Marshall on 23 August 2018 14:32:03 AEST

MailGuard has detected a new email-based cyber-attack (shown above) telling the recipient they have been sent an invoice by an accountant.

“React promptly to download the invoice,” the deceptive message advises.

Clicking on the link takes the victim of this scam to a malicious website containing a hidden malware payload.

Read More

Phoney QuickBooks email used in new fraud

Posted by Emmanuel Marshall on 22 August 2018 14:51:37 AEST

If you’ve seen this email in your inbox, best to delete it immediately. It’s a new scam using forged QuickBooks branding to try and trick people into clicking through to a malicious website.

MailGuard has detected multiple variants of this attack, using different company names and sender address domains.

Read More

Cybercrime an “urgent, evolving crisis”: US Security Chief

Posted by Emmanuel Marshall on 07 August 2018 15:23:49 AEST

The United States Department of Homeland Security (DHS) has just announced a new division specifically to handle cyber threats against critical infrastructure. The National Risk Management Center will manage cross-sector responses to cyber-threats against vital US assets like the recently exposed attacks against the US power grid.

Read More

New zero-day malware attack brandjacking NAB

Posted by Emmanuel Marshall on 06 August 2018 13:35:14 AEST

Banks are well-trusted institutions, so when cybercriminals are looking for good trademarks to use in their email attacks they often rip-off bank branding.

This new scam email uses the NAB trademark to try and persuade recipients that it is a genuine notification message from their bank. The message tells the victim that they have been sent a “SWIFT message” as a “confirmation of payment” to their account.

Read More

Quote request email is actually a malware scam

Posted by Emmanuel Marshall on 12 June 2018 11:30:19 AEST


This scam message is meant to look like a quote request and is accompanied by an attachment containing malware.

MailGuard has detected this innocuous looking message which reads “we will like to know the price and availability of the following item in attach.”

Read More

New MYOB brandjacking scam

Posted by Emmanuel Marshall on 08 June 2018 11:24:55 AEST


MailGuard has detected a new email scam attempting to deliver malware to victim’s computers.
The scam message - shown in the screenshot above - shows MYOB branding and purports to be a document notification email.

Read More

    Something Powerful

    Tell The Reader More

    The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.

    Remember:

    • Bullets are great
    • For spelling out benefits and
    • Turning visitors into leads.

    Subscribe to email updates

    Recent Posts

    Posts by Topic

    see all