Scamwatch round-up – Xero and One Drive
- 22 June, 2018 07:00
ARN provides a weekly wrap of the phishing scams, malware attacks and security breaches impacting organisations across Australia.
This week, Xero and Microsoft's One Drive had their brands used by cyber criminals in order to deliver malware to Australians' computers.
Xero put out a notice on its website about a phishing scam hiding behind a fake Xero invoice.
The accounting software vendor warned users of reports of a new version of a fake invoice reminder, which appeared to heve been sent from different email addresses.
"A genuine Xero email will always come from a xero.com domain or sub-domain address," the vendor informed.
Xero also advised recipients not to click on the "view invoice link" informing that by doing so, recipients would be downloading a malicious file.
According to Mimecast the link in this phishing scam appears to download a banking trojan via a Traffic Distribution System which attackers use as a drive-by attack as a service, helping them avoid detection by researchers and security tools. It has been marketed on the dark web since late last year.
Late last week, email filtering company Mailguard reported a fake One Drive email had been identified.
The email contained a link that directed recipients to a fake Office 365 website with the intent to collect the recipient login information.
Scamwatch, the Australian Competition and Consumer Commission arm aimed at providing information to consumers and small businesses on scams, has received 8,771 phishing scams reports in 2018. A total of $230,000 has been lost in those scams.