Malware Xeroing in on Cloud Accounting Customers

by Dr. Fahim Abbasi, Rodel Mendrez
Sept. 12, 2017 1 comment Detection & Response

We witnessed a sophisticated phishing campaign on 16th August 2017, targeting victims by sending spoofed phishing email messages appearing to come from Xero. Xero is a New Zealand-based software company that develops cloud-based accounting software for small and medium-sized businesses. The scammers sent phishing email messages globally, impersonating Xero. These messages contained malicious links that trick the victim into downloading a zip archive, containing a malicious JavaScript file. On execution, this JavaScript downloads and launches banking malware on to the victim's computer that steals their personal and private information and leaves them vulnerable to the mercy of their attackers.

negrii_irina88 8 months ago

a situation that is very common today .. it's unpleasant to know that any moment you can be the victim of such malicious files..:(