sb-au logo
Story image

MailGuard warns against extortion phishing emails

MailGuard has highlighted dangerous email scams following its interception of a large run of extortion phishing emails that demand a ransom payment in bitcoin.

According to MailGuard, there are several versions of the email scam, however the overall theme is the same and all attempt to blackmail their target.

For instance, the email will tell the victims that sensitive, often deeply personal and embarrassing information has been obtained and unless a ransom payment is made in bitcoin the content will be published.

The emails use various display names, subject titles and sender details. Some utilise compromised accounts and others forge the recipients’ email addresses to confuse or trick the target into thinking their account has been hacked, as claimed in the email.

In many cases, the email contains the user's password from compromised accounts, in fact often in the subject line, to demonstrate that the cybercriminals have access to the account.

MailGuard states, “We strongly advise all recipients to delete these emails immediately without responding. Please share this alert with your social media network to help us spread the word around this email scam.”

“It is key to remember that these scams are all fake, and cybercriminals do not have any incriminating or personal information to use against you. Rather, they are trying to tap into your fears and paranoia.

"This is a reminder to be careful about how we use our mobile devices and computers, and of the threat of online surveillance. Think carefully about what data is being stored or shared online that might be used against you," the company wrote in a statement.

According to MailGuard, in most cases if you receive an email there is no reason to be concerned. These emails are typically generated in their thousands by online scammers using limited personal details, with the aim of scaring recipients into paying the ransom.

The information in the email is often collected from the internet from previously known data breaches. As such, MailGuard recommends people to not give the perpetrator any money or images, and stop all contact with them.

If a blackmailer is threatening to reveal intimate images online, do not give in to their demands, instead report it to the Office of the eSafety Commissioner.

If the email includes a recognisable password, all accounts that use this password should be changed. Make sure to use a strong password and don’t reuse passwords across different accounts. You can also set up 2-factor authentication where available.

To find out where your email may have been included as part of a data breach you can visit Have I Been Pwned.

Story image
With cyber-threats continuing to evolve, organisations need to remain in the fight in 2021
Teams can make improvements in 2021 by having a more comprehensive understanding of the threats that are out there and defining how they conduct operations to offer flexibility to adapt better.More
Story image
Video: 10 Minute IT Jams - Vectra AI exec discusses cybersecurity for Office 365
In Techday's second IT Jam with Vectra AI, we speak again with its head of security engineering Chris Fisher, who discusses the organisational impact of security breaches within Microsoft O365, why these attacks are on the rise, and what steps organisations should take to protect employees from attacks.More
Story image
Video: 10 Minute IT Jams - Bitglass director on all things SASE
This is our second IT Jam with both Bitglass and Jonathan Andresen, who is the company's senior director of marketing. In this video, Jonathan discusses all things related to Secure Access Service Edge (SASE): its advantages over traditional security tech, what enterprises should look for, and how SASE relates to cloud-delivered secure web gateways.More
Story image
emt Distribution brings Netsparker security solutions to A/NZ and APAC market
emt Distribution has announced it will bring enterprise-level Netsparker dynamic application security testing solution to Australia, New Zealand and APAC businesses.More
Story image
Trend Micro integrates with AWS Gateway Load Balancer for improved security function
Cloud security firm Trend Micro has announced its hybrid cloud security integration with the newly launched AWS Gateway Load Balancer.More
Story image
Advanced Threat Protection from Fortinet: Prevent, detect and mitigate
Cornelius Mare, Fortinet A/NZ Director, Security Solutions, explains why zero-day threats represent an unacceptable risk to your enterprise and how to protect your network by adopting Advanced Threat Protection security services.More