MailGuard Blog

As cybercrime evolves in complexity daily, cybercriminals are coming up with new and innovative ways of fooling unsuspecting Web users and infecting their systems.

Earlier this week, MailGuard detected a phishing email scam brandjacking Egnyte, WeTransfer as well as Office 365.

Confidential business documents such as contracts, legal documents and finance records are commonly passed on from one recipient to another via email. But how can you tell if links to such important documents are safe to click when they appear in your inbox?

Do not be too quick to click everything in your inbox. Cybercriminals circulated two different variations of a malicious phishing email on Tuesday afternoon (AEST).

MailGuard intercepted a phishing email scam infiltrating inboxes on Wednesday morning (AEST). The scam is designed to steal your Office 365 login credentials.

MailGuard has identified 3 similar types of phishing emails making their way into inboxes on late Thursday morning.

Cybercriminals brandjacked Office 365 and sent bogus emails to recipients on Tuesday afternoon as part of a phishing attack.

The emails, seemingly sent from ‘Messages Portal Centre Messages Portal Centre’ trick recipients into thinking that their account has been put on hold until they ‘confirm activity’.

It encourages users to click on a View ‘Activity’ link that leads to a compromised website.

The website page opens to a fake Office 365 login page. Users are then instructed to enter their password on this page to proceed further.

The scam is a classic example of a phishing attack that cybercriminals launch in a bid to steal confidential passwords from recipients. 

How to avoid getting scammed

Phishing attacks can be enormously costly and destructive and new scams are appearing every day. Don’t wait until it happens to your business; take action to protect your company, now.

Always hover your mouse over links within emails and check the domain they’re pointing to. If they look suspicious or unfamiliar don’t open them.

9 out of 10 cyber-attacks are delivered via email, so it's essential to have the best filtering service available. 

The latest email phishing scam impersonating Microsoft Office 365 arrived in inboxes late Tuesday afternoon. Masquerading as an email from the "Support Team" the scam is actually sent by multiple malicious senders. It links to a phishing website designed to trick users into entering their email password.

Early Tuesday (AEST), MailGuard commenced blocking a new scam email disguised as a fake Office 365 notification, that links to a phishing site. 

Careful not to click through on the latest email phishing scam impersonating Microsoft Office 365 today. The first run of the attack began hitting email inboxes between 8-10am AEST Friday.

Wednesday morning (AEST), a new email phishing scam started to arrive in inboxes, impersonating Microsoft Office 365. The subject reads: '(5) messages returned - failure to sync.'

Microsoft’s stature as a trusted household name makes them a lucrative brandjacking target for cybercriminals.

This latest phishing attack - shown in the screenshot above - uses the “Office 365” trademark to persuade recipients that the email is legitimate and get them to click on the “recover messages” link.

MailGuard has detected a new email scam using a .doc file infected with macro malware.

This scam email is designed to look like an E-Toll notification. The message - as shown in the screenshot above - advises the victim to view their E-toll account statement but the attached .doc file is infected with a malicious macro which would download malware to the victim’s computer.

A new phishing scam has been detected by MailGuard, exploiting the trademarks of Microsoft Office 365 and Xerox.

This criminal intent email attack takes the form of a plain text message purporting to be a Xerox document sharing notification. 

In the early hours of this morning a new email phishing scam emerged, impersonating Microsoft Office 365. 

The attack consists of a deceptively simple HTML email message, telling the recipient that their email account is over quota and that they need to upgrade their plan.