Recent surge in phishing email, including fake Xero invoices
A few sites have reported a surge in phishing email, possibly related to a new push of Locky ransonmware.
What makes some of them more difficult to pick up is how well they have been crafted to mimic legitimate email from services like Xero.
An important point to note: A fake Xero invoice email does not mean that Xero, the billing organisation / sender, or yourself have been compromised. In most cases the companies and addresses are randomly generated or email addresses harvested from spambots.
What you need to do:
- Carefully check email with links and attachments to confirm they match the source
- Don't open attachments from email you were not expecting or do not know the sender
- Run antivirus software and check that it is up to date.