Fake Xero invoice emails

Aug 23, 2017 | Uncategorized

Xero have had a number of reports from clients who have received a phishing (scam) email from an array of email addresses claiming to be Xero.

The email addresses used are varied and can be anything from spoofing email addresses claiming to originate from bill@xero.com and ones that are spam email addresses such as;  subscription.notifications@open-e-mail.com and message-service@xeroaccounting.org.

Example Phishing Email:


The links on the phishing emails tend to take xero clients to a fraudulent replica of the Xero login page, where offenders are hoping to trick Xero customers into disclosing their login credentials. The websites are almost exactly the same as the Xero login page however, they have a fraudulant web address.

Example of the FAKE login page:


Xero’s legitimate web address is https://www.xero.com and their login page is https://login.xero.com. We recommend always checking that you are logging into the genuine Xero site before entering your login credentials.


Please DO NOT click on any links or images or enter any log in or bank details if you are suspicious of any emails recived by Xero – contact Xero support first of all to check its authenticity. If you are suspicious of an email please forward it to phishing@xero.com.

A genuine Xero email will always come from a xero.com domain or sub-domain address, e.g. @xero.com, @post.xero.com, @send.xero.com, @sendau.xero.com, @sendnz.xero.com, @support.xero.com.  If it’s not from a xero.com address, be suspicious.


Some more examples of some phishing emails:


To view more info on this matter please follow this link: https://www.xero.com/blog/security-noticeboard/ 

 You can also find more information about how to protect yourself from email phishing attacks here.


Other news you might like:

Funding for Care Seminar

Please join us for a seminar with My Care Consultants, who will answer all your questions on funding for care, be that in a care home or at your home.

read more