On 4th September 2017, it came to our attention that fraudulent emails purporting to be from OnePosting were being sent to email addresses based mostly in the UK and Ireland. These email addresses were not obtained from OnePosting, and in the vast majority of cases, are not email addresses of OnePosting customers.
The fraudulent emails have copied text and layout to make them look similar to our emails. They also contain our contact details and website, and are designed to trick recipients into clicking their links - which route the user through a Sharepoint website and ultimately to a zip file containing malware. These emails originate from a domain "onenewpost.com" which was registered in China on 4th September 2017, and they have used networking addresses hosted by OVH.com.
OnePosting uses various means (e.g. SPF/DKIM/Reverse DNS) to protect against a third party sending email using our registered domain names. However it is not possible to prevent a third party from setting up their own domain and sending emails. We have contacted all of our customers to explain how they can tell the difference between a genuine OnePosting email, and a fraudulent email.
It is important to note that there has been no breach or compromise of any OnePosting services, systems or data at any point.