A number of PEXA users have received phishing emails, supposedly from PEXA, containing links to ‘WeTransfer’.
PEXA does not use this payment platform and the emails are not genuine. If followed, the link may download malware to your network.
If your firm has received such an email it should be deleted. If someone has followed the link, you should contact your IT support to ensure that no hostile malware is on your system. If your firm is a ‘QLS Member Practice’, contact the Cyber Essentials insurance line on 1800 027 428 for a free and confidential discussion with an incident manager.
More information on this issue is available from the PEXA website.
As a reminder, your firm should conduct phishing training periodically, and ensure that all staff know how they can have a suspicious email checked by your IT support. A ‘no blame’ culture is important – staff (and partners) need to know that, even if they have clicked on a hostile link, it is important to seek help immediately.