MailGuard Blog

A new scam posing as a job application email is being detected by MailGuard.

The scam looks like a benign message from a job applicant, linking to their resume (see screenshot image above) but the link in the email actually points to a malware file that targets devices running Windows operating systems.

The fake Origin Energy bill notice in the screenshot above is an example of a new email scam that is targeting inboxes today.

The scam email message invites recipients to view their bill online, but the .doc file the link points to is infected with hidden malware.

 
A new Netflix email scam attempting to steal credit card information has been detected by MailGuard.

The scam message tells the recipient that Netflix ‘failed to validate’ their payment and that they need to log into their Netflix account to ‘verify’ their ‘billing and payment details’.

A computer virus that seeks out and destroys antivirus software; that’s AVCrypt, a new ransomware variant discovered on Friday.

The AVCrypt malware is designed to locate and delete PC antivirus software Windows Defender and Malwarebytes and then install ransomware onto an infected computer. By eliminating the computer’s antivirus programs before beginning the ransomware attack, AVCrypt effectively removes the local security protection that most PCs rely on to prevent such attacks, making this a very dangerous new malware strain.

There’s a nasty email scam out today that’s impersonating an Australian wedding photography company; 'Corral Photography.'

MailGuard has detected a batch of scam emails that are designed to look like invoice notifications from the photographer and contain a ‘view invoice’ link which directs the victim of the scam to a file containing malware - see screenshot, above.

Last December, cybercriminals stole millions of dollars from several law firms with a simple email scam.

The scammers phoned the lawyers and asked them for legal advice. After a conversation over the phone they promised to email the lawyers some ‘important documents’ related to their cases. When the lawyers opened the emails they found links that pointed to documents stored on an online file sharing site that required them to enter their email account passwords to gain access.

MailGuard has intercepted a new zero-day email scam exploiting Dropbox branding.

As a well known and trusted company, Dropbox’s trademark is regularly used by cybercriminals as camouflage for their phishing attacks. Scammers copy the Dropbox logo onto their emails to lend authenticity to their scams, a practice known as ‘brandjacking’.

MailGuard has intercepted a new criminal-intent email that is exploiting Ezi Office Supplies branding.

You can see in the screenshot above that this scam message is well formatted and looks like a legitimate invoice notification.

A new phishing scam has been detected by MailGuard, exploiting the trademarks of Microsoft Office 365 and Xerox.

This criminal intent email attack takes the form of a plain text message purporting to be a Xerox document sharing notification. 

In this age of internet-based commerce, all cybercriminals need to do to take control of our company’s finances or steal our data is get us to click on a link. Scammers have come up with some devious tactics to induce their victims into falling for their tricks, and one of the most successful is brandjacking.

Mailguard has intercepted new criminal-intent emails that are designed to send victims to a fake St George Bank login page.

As can be seen in the screenshot of the email the message is very brief and simply formatted.

“I have antivirus software installed but I’m still getting scam emails!”

Does that sound familiar?

Spam, phishing, criminal intent emails... inboxes are still the most useful tool for cybercriminals to steal sensitive data and access computer networks. Most companies use antivirus software of some sort but antivirus doesn’t stop new threats or advanced malicious-email attacks.

MailGuard has detected a new fake invoice scam brandjacking MYOB.

This message is designed to look like a legitimate invoice delivery email. It has MYOB branding on it, and a ‘view invoice’ button.

MailGuard has detected a new zero-day phishing scam using fake Netflix branding.

Netflix has become a favourite vehicle for email fraudsters. Their large customer base makes them a valuable target for brandjacking; cybercrime that exploits the trademarks of well-known companies to deceive victims.

MailGuard has detected a Zero Day phishing scam using fake CBRE branding.

The message contains a download link purporting to be a scanned PDF document from a Xerox Multifunction Printer. This link actually goes to a website designed to harvest victim’s Microsoft login details.