We’re now seeing phishing emails being sent from the @post-xero.com domain. The full From address is firstname.lastname@example.org, rather than Xero’s legitimate email@example.com address. We’ve started the process to get the @post-xero.com domain taken down.
CryptoLocker a relatively new family of virus/ransomware and is catching out a few too many unsuspecting victims. It is based on extorting money from infected users who are tricked into running it. The victim receives an email with a password protected ZIP file often purporting to be from a courier company. CryptoLocker hijacks and corrupts users’ business documents and demands them to pay a ransom (with a time limit to send the payment).