By September 15, 2015Bookkeeping

Here is some very important information from Xero

Keeping you safe online is very important to Xero. We’re aware of the increasing number of phishing scams that are targeting the customers of banks and other large companies.

A phishing scam is when malicious emails target customers by pretending to be from a legitimate company such as Xero, using an email address like They’re not targeting the company websites, but rather your login and access details. As online fraud continues to grow, we’ve put together some advice so you can stay safe online. Read more on our blog.
We’re aware of a phishing scam that’s targeting Xero customers. Xero has not been compromised in any way, and your important data is still safe with us – your security is paramount. Since being made aware of these emails we’ve been working with our phishing protection service to analyse the phishing campaign and take down the websites used.

Recent phishing emails (emails that did not come from Xero) had subject lines like:

Subject: Credit Note CN-87151 from …

Subject: ACH Approval Letter

Subject: Invoice INV-…

Emails like this contain malicious content such as viruses. If you’ve received one, don’t open it – and if you do open it, don’t click any links or attachments. Delete the email. If you’re ever concerned you’ve received a phishing email or one that pretends to come from Xero please forward it to:

If you’ve got any questions or would like to know more, read our latest blog on security.
The Xero Team

Recent update from Xero:

The email address as an example of a legitimate email address that may be used for phishing. We should have said that this particular email address is the very one that we use for most outgoing emails from your Xero Organisation. Thousands of legitimate and perfectly safe emails are sent from this email address every day.

A phishing email pretending to be from Xero was recently sent to random email addresses. It was not specifically targeting Xero customers. This involved the spammers creating an email with an attached .zip file which had malicious content, and pretending to be from our email address.

If you do spot anything unusual let us know at


Leave a Reply