Earlier this week, MailGuard detected an email scam spoofing popular cloud accounting firm, Xero.
This is not the first Xero based scam MailGuard has seen recently. Accountants, bookkeepers and financial professionals are particularly attractive to cybercriminals who know that they hold access to valuable financial information for company payrolls, invoicing, and the like.
The body of the email is simple, advising recipients that their Xero invoice is ready, and that the amount in the invoice will be debited from their credit card. The amount will be debited from their credit card on or after '23 Oct 2018'. It contains a link to view this invoice, which is malicious.
This email scam is a good reminder of the importance of being vigilant when accessing emails. This is mainly because despite employing several techniques to boost its credibility, the email scam does contain some red flags that point to its illegitimacy.
Watch the full scam below:
MailGuard urges all cyber users to be vigilant when accessing their emails.
Here are some tell-tale signs of email scams
- Do not address recipients directly (e.g. “Dear customer”)
- Bad grammar or misuse of punctuation and poor-quality or distorted graphics
- An instruction to click a link to perform an action (hover over them to see where you’re really being directed)
- Obscure sending addresses (for example, Hotmail, gmail, Yahoo addresses should set alarms bells ringing)
Take Action to Defend Your Business
Email attacks can be enormously costly and destructive, and new scams are appearing every week. Don’t wait until it happens to your business; take action to protect your business and your staff from financial and reputational damage, now.
For a few dollars per staff member per month, add MailGuard's cloud-based email and web filtering solution to your business security. You’ll significantly reduce the risk of new variants of malicious email from entering your network. Talk to an expert at MailGuard today about your company's cybersecurity needs: email@example.com
Keep up to date on the latest email scams by subscribing to MailGuard’s weekly update, or follow us on Twitter @MailGuard.