MailGuard Blog

It looks like the series of banking-related email scams that MailGuard detected over the last month is far from over. Having imitated banks such as Westpac, ANZ and BankWest recently, cybercriminals have once again spoofed National Australia Bank (NAB) in a bid to steal users’ confidential information.

The banking industry is increasingly becoming a favourite among cybercriminals. After intercepting multiple variations of an email scam spoofing NAB earlier today, MailGuard has now detected another phishing email scam purporting to be from Westpac.

Imitating leading financial institutions such as banks is a common trick adopted by cybercriminals to again access to users’ confidential data. MailGuard intercepted multiple variations of a large-scale phishing email scam purporting to come from National Australia Bank (NAB).

Do not be too quick to click everything in your inbox. Cybercriminals circulated multiple variations of a malicious phishing email scam on Friday (AEST).

Careful not to click through on the latest email phishing scam impersonating Microsoft Exchange. The first run of the attack began hitting email inboxes on Thursday morning AEST, 9^th May 2019.

Popular telecommunications company Optus has once again been spoofed by cybercriminals.

The email shown above is a new phishing attack detected by MailGuard.

The message sender has used forged American Express branding to try and convince the recipient that it’s a genuine Amex statement notification.

If you see this message show up in your inbox, please delete it; it’s a phishing attack.

Although it’s been designed to look like an innocuous notification message, the “view completed document” link actually points to a phishing page - shown below - set up to harvest people’s email login credentials.   

Banks are well-trusted institutions, so when cybercriminals are looking for good trademarks to use in their email attacks they often rip-off bank branding.

This new scam email uses the NAB trademark to try and persuade recipients that it is a genuine notification message from their bank. The message tells the victim that they have been sent a “SWIFT message” as a “confirmation of payment” to their account.

MailGuard has detected a new phishing attack exploiting the trademarks of the Law Council of Australia, Office 365, Yahoo, GoDaddy, Hotmail, AOL, The Law Institute of Victoria, and many others.

This phishing attack is aimed at collecting the login names and passwords of victims.

This scam message is meant to look like a quote request and is accompanied by an attachment containing malware.

MailGuard has detected this innocuous looking message which reads “we will like to know the price and availability of the following item in attach.”

If you see this email - shown above - in your inbox be warned; this message is a phishing scam designed to harvest your password and login credentials.

“Click on IT Helpdesk Tech to validate your email,” the link text in the message reads.

MailGuard has detected a new email scam that uses fake infringement notices to try and lure victims into clicking on malicious files. 
If you see a message like the one shown above in your inbox, don’t click on the “view infringement notice” link. The link actually points to an archive file which is infected with JavaScript malware.

The email message shown in the screenshot above is not a genuine DHL message. While it shows DHL trademarks and graphics it is actually a phishing scam.

MailGuard has detected a new email scam attempting to deliver malware to victim’s computers.

This malicious email - see screenshot above - is designed to look like a NSW Government “penalty notice,” using a fake “revenue.nsw.gov.au” link to try and lure victims into opening a malware-infected .doc file.