MailGuard Blog

In a year we would all rather forget; an unfortunate side effect has been a rise in ransomware incidents and opportunistic cyber-attacks. Our current situation has been unexpectedly thrust upon us, forcing a rapid change to our ways of working, and a more vulnerable remote workforce. One positive that’s close to my own heart though, is a growing awareness of cybercrime, and a shared responsibility across the entire organisation from the Board and the CEO, through to the front line, to boost cyber resilience.

If your company has been hit by a ransomware attack, would you pay the ransom?  

As the COVID-19 crisis continues to unfold, new reports showcasing the good, bad and ugly side of tech continue to emerge every day. The world applauded when mobile device monitoring was enlisted to enforce self-isolation, but it was also horrifying to see cybercriminals setting up fake websites offering fraudulent Coronavirus vaccines.  

Recently, we have seen a surge in cyber-attacks that are capitalising on fears around COVID-19, like this scam intercepted by my team at the end of February, and wider media reports like this one with cybercriminals creating thousands of illegitimate Coronavirus-related websites on a daily basis. 

Q&A with Craig McDonald, CEO & Founder, MailGuard

On March 11, the World Health Organization declared COVID-19 a pandemic. Two weeks on, and we are seeing technology at its best and worst. Technology is all around us, and as business leaders and tech partners, we understand its power – for good and evil. Here’s a quick look at just a few of the ways that tech is being enlisted during the current crisis.

This week has been a challenging time of transition, not just for our team at MailGuard but for many organisations around the world. Implementing social distancing, switching to a remote workspace, modifying our regular routines and trying to create new health and hygiene habits can really take a toll on our mental health.

As many of you know by now, logistics giant Toll Group was in the news last week after they were hit by a ransomware attack called Mailto. This attack is usually delivered via an infected email, that was most likely clicked on by an unsuspecting employee which then infects systems running on Microsoft Windows, encrypting files and leaving a ransom note on-screen. The note says that the only way to get the files back is by paying a ransom in Bitcoin.  

Like many of you, I read the news that Toll Group confirmed that it is the victim of a “targeted ransomware attack.”

Popular coffee brand, FiveSenses, is the subject of the latest email scam. In yet another example of how cybercriminals attempt to brandjack trusted, well-known and familiar brands, the email includes a ‘Payment Advice’ in an attempt to trick coffee lovers, restaurant and café owners to investigate further.  

A computer virus that seeks out and destroys antivirus software; that’s AVCrypt, a new ransomware variant discovered on Friday.

The AVCrypt malware is designed to locate and delete PC antivirus software Windows Defender and Malwarebytes and then install ransomware onto an infected computer. By eliminating the computer’s antivirus programs before beginning the ransomware attack, AVCrypt effectively removes the local security protection that most PCs rely on to prevent such attacks, making this a very dangerous new malware strain.

Cybercriminals are starting to behave like corporations and it’s not that surprising, considering cybercrime is a multi-billion dollar industry.

Hackers producing malware like trojans, ransomware and spyware don’t usually run solo scams anymore; they set up an online shopfront and lease their products to anybody who wants to use them.

On Wednesday this week, MailGuard CEO Craig McDonald published a thought provoking post on the blog dealing with cybercrime attacks against senior management and business owners.

In his article Craig writes:

"Brad (not his real name) is the founder and CEO of a major logistics company. The story he told me is astonishing, but unfortunately, it is also true. It started at 6:25 pm on a Friday. Brad sat down at his computer and clicked open his email inbox.

You may have heard of the ‘dark web’ but to most of us it’s just a sinister sounding name. For the world of organised crime though, the dark web is a one-stop robbing shop. It’s a place where crooks can buy ready-made software for extortion, fraud, and intelligence gathering.

On Tuesday morning (24^th Oct) a new ransomware attack started appearing in Russia and surrounding regions. Dubbed ‘Bad Rabbit’, this malware seems to be targeted at corporate networks and is disguised as a fake Adobe Flash Installer.