Our blog

Xero are making their customers aware of the increasing number of phishing scams targeting customers of banks and other large companies.  These are malicious emails sent out to customers, pretending to be from legitimate companies like Xero, with the aim of obtaining your login and access details.

They’ve recently been made aware of a particular phishing scam targeting Xero customers.  Emails appear to have come from Xero’s legitimate address (message-service@post.xero.com), have a .zip file attached and a subject line like:

Subject: Credit Note CN-87151 from…

Subject: ACH Approval Letter

Subject: Invoice INV-…

These emails have not come from Xero, and contain malicious content such as viruses. If you’ve received one like this don’t open it.  If you have already opened it please make sure you don’t click on any links or attachments. And if you’re ever worried that you may have had a phishing email pretending to be from Xero, you can forward it to phishing@xero.com

Xero have put together some advice to help you stay safe online, including how to recognise bogus emails, which you can read here.