Hopefully, by now people will know I'm not a big fan of cloudy stuff - which, in my view, brings with it security risks and a hindered work flow, along with other potential problems.
One I hadn't considered before was phishing - and it seems Xero users in Dahnundaland (er, Australia) were targeted by a phishing campaign. I can spot a phish a mile off, but most (all?) of my clients probably wouldn't.
And sticking with Dahnundaland, this morning I found a link to this little gem:
"In one case this month, payroll software used by a Melbourne accounting firm was hacked and the personal and financial details of 1600 employees of its clients were obtained.
An alarming level of personal data was plundered including, names, address, dates of birth, tax file numbers, bank account details, gross earnings and superannuation funds and membership numbers.
The scammers then prepared and lodged tax returns in the names of some of the unwitting workers."
This appears to have been data stored in Xero - so presumably the accountants in question fell for the phish.
Food for thought.
__________________
Vince M Hudd - Soft Rock Software
(I only came here looking for fellow apiarists...)
I was reading an article the other day that revealed Xero had emailed all it's customers to warn that phishing attacks were on the increase, and a small number of their customers had been victims. As with any online system, crooks will use sophisticated methods to gain access to data. I've seen a few phishing emails in my time, including some purporting to be from HMRC. Fortunately my clients tend to email me if they get one and forward it to me for my advice.
Like you, I'm pretty quick to detect phishing emails but on one occasion I nearly fell foul. I was having trouble logging into Barclays Online Banking at the firm where I worked, and an email came that day that said it was from Barclays and that I needed to reset the password or summat. Ah, that's why I can't log in and was just about to input the banking details when I realised what I was doing! It was just a co-incidence that the two things happened on the same day.
A tip for anyone who receives an email asking to click a link. Hover over the link with your mouse and the true link will appear in the bottom left hand corner. If it doesn't match the sender, don't click. Test it with Vince's link above to see what I mean.
__________________
John
Any advice given is for general guidance and professional advice should be sought applicable to your circumstances.
AFAIK, the phishing expedition only affected users in Dahnundaland (on this occasion) and that email Xero sent out was only supposed to go to to users in that country to warn them - but it accidentally got sent out to a wider audience (though probably not all users).
Stuff like this is only going to get worse, though, as more and more people drink the cloud-flavoured Kool-aid.
__________________
Vince M Hudd - Soft Rock Software
(I only came here looking for fellow apiarists...)
