MailGuard Blog

NSW Roads and Maritime Services becomes another victim of brandjacking by cybercriminals. 2 variants of hoax emails supposedly sent by the government agency arrived in inboxes yesterday.

In the biggest week of football finals, and coinciding with a surge in upcoming seasonal events, comes the latest email scam that invites recipients to ‘Download and Print Your eTickets.’

MailGuard has intercepted the email shown above, which purports to be from a company in the UAE called Naffco.

MailGuard has detected a new email-based cyber-attack (shown above) telling the recipient they have been sent an invoice by an accountant.

“React promptly to download the invoice,” the deceptive message advises.

Clicking on the link takes the victim of this scam to a malicious website containing a hidden malware payload.

If you’ve seen this email in your inbox, best to delete it immediately. It’s a new scam using forged QuickBooks branding to try and trick people into clicking through to a malicious website.

MailGuard has detected multiple variants of this attack, using different company names and sender address domains.

The United States Department of Homeland Security (DHS) has just announced a new division specifically to handle cyber threats against critical infrastructure. The National Risk Management Center will manage cross-sector responses to cyber-threats against vital US assets like the recently exposed attacks against the US power grid.

Banks are well-trusted institutions, so when cybercriminals are looking for good trademarks to use in their email attacks they often rip-off bank branding.

This new scam email uses the NAB trademark to try and persuade recipients that it is a genuine notification message from their bank. The message tells the victim that they have been sent a “SWIFT message” as a “confirmation of payment” to their account.

This scam message is meant to look like a quote request and is accompanied by an attachment containing malware.

MailGuard has detected this innocuous looking message which reads “we will like to know the price and availability of the following item in attach.”

MailGuard has detected a new email scam attempting to deliver malware to victim’s computers.
The scam message - shown in the screenshot above - shows MYOB branding and purports to be a document notification email.

MailGuard has detected a new email scam that uses fake infringement notices to try and lure victims into clicking on malicious files. 
If you see a message like the one shown above in your inbox, don’t click on the “view infringement notice” link. The link actually points to an archive file which is infected with JavaScript malware.

Watch out for this email invoice scam.

MailGuard has detected fake invoice notifications like the one in the screenshot above, being sent from a wide variety of compromised email accounts.

MailGuard has detected a new email scam attempting to deliver malware to victim’s computers.

This malicious email - see screenshot above - is designed to look like a NSW Government “penalty notice,” using a fake “revenue.nsw.gov.au” link to try and lure victims into opening a malware-infected .doc file.

Malware is one of the most common cybercrime attack methods because it’s so profitable for cybercriminals and it can be delivered via email or compromised websites.

Ransomware and spyware have long been the most common malware types but recently, with the surges in cryptocurrency value, a new malware pandemic is appearing: cryptojacking.

Threat alert: two new email scams targeting Telstra customers are hitting inboxes. These well-designed email attacks both use fake Telstra bill notifications to trick victims into clicking on malicious links.

MailGuard has detected a new email scam using a .doc file infected with macro malware.

This scam email is designed to look like an E-Toll notification. The message - as shown in the screenshot above - advises the victim to view their E-toll account statement but the attached .doc file is infected with a malicious macro which would download malware to the victim’s computer.