MailGuard has detected a new email scam using fake ‘Xero’ domains in the sender addresses.
This message, shown in the screenshot above, is designed to look like an invoice notification from ‘The Advocates Property Advisory.’
The message contains a ‘view invoice’ link which if clicked, directs the scam victim to download an MS Word .doc file containing hidden malware.
This message is being sent out with a wide range of variations in the sender addresses.
Some of the sender address variants seen by MailGuard include:
These fake ‘Xero’ domains were all registered yesterday in China.
This sort of email scam is a technique used by cybercriminals to infect computer systems with trojans, spyware and ransomware. Victims who unwittingly click through to the fake 'invoice' document and open it will activate hidden code in the file that will infect their computer without their knowledge.
Malware attacks like this can be extremely damaging to computers systems and have the potential to cost companies millions of dollars in damages, lost productivity and reputational harm.
Please keep an eye out for this criminal-intent email and share this warning with your social networks.
#ZeroDay update: we've intercepted another batch of malicious emails using the same simple HTML email design and messaging with new domain variants, including: xeroaccounts(dot)net, xeroform(dot)net, xeroproject(dot)net, xero-accounts(dot)com 100% blocked by #MailGuard. https://t.co/OgrFZndBZq— MailGuard (@MailGuard) February 26, 2018
Take Action to Defend Your Business
New malware scams are appearing every day. Don’t wait until it happens to your business; take action to protect your company from financial and reputational damage, now.
Effective cybersecurity requires a multi-layered strategy. For a few dollars per staff member per month, add MailGuard's predictive email security. You’ll significantly reduce the risk of malicious email entering your network. Talk to an expert at MailGuard today about your company's cybersecurity needs: 1300 30 44 30
Stay up-to-date with new posts on the MailGuard Blog by subscribing to free updates. Click on the button below: