Phishing scams are becoming more and more common on the internet. There are some known examples that most know to avoid, like emails from Nigerian princes asking for your bank account details or supposed attorneys informing you of a long-lost relative’s death, promising you the money if you share all your personal details with them.

However, there are also phishing scams which target the customers of specific companies and the users of specific software. Phishing scams targeting the over 1 million business owners using Xero Bookkeeping and other Xero products are a risk you need to recognize and know how to avoid.


How phishing scams work

A phishing scam will look like any other email in your inbox. Many of them may be automatically placed in your spam box, but that isn’t always the case. Xero phishing scams often put in the effort to replicate an authentic Xero email. They may even use an email address that looks legit or copy Xero’s actual email address of [email protected], using it as the name of the sender while masking their actual email address.

The aim of these phishing scam emails will differ. Some emails will encourage you to click a link which requests that you input account details, financial information, or other data which can be used by the senders to commit identity theft. Others may encourage you to download an attachment or will have a link leading to a download prompt. Downloading the file as prompted often results in malware being installed on the computer.

Malware can do a lot of damage, from deleting or stealing files from your computer to locking it down entirely, making you unable to access any files or programs until you agree to send money to the criminals behind the malware. The latter is known as “ransomware.”


How to avoid phishing scams

In both cases, phishing scams can cause a lot of personal and financial harm. They should be avoided by any means necessary, but how do you do that?


Step One: Verify the sender

The first step in avoiding phishing scams is to verify where the email has come from. Some scam emails can be identified from the email address alone. If you get an email that claims to be from Xero, take a look at the email address and see if it matches up with past emails you have received from them. Even if the sender has a legitimate-looking name, or uses a legitimate Xero email address as the name, it may be hiding their true identity, so look at the real email address behind the name.


Step Two: Look for suspicious details

Though some phishing scams are well made and sophisticated, many of them have basic errors that can quickly make them stand out from real emails from Xero. Take a look at the wording used in the message and any logos attached. If they don’t match up with other messages from Xero, it’s likely a fake.


Step Three: Inspect the link, but don’t click on it

Most phishing scams involve clicking on a link. Rather than clicking any link provided in any email you receive, you should inspect the URL. Does it link to the Xero site? If the URL is even slightly off, it’s not worth trusting. What’s more, most bank and business websites are secured, meaning they have an “https” at the start of the URL instead of just “http”. Don’t click any links leading to an “http” website. Even if it’s a legitimate email, you can just go to the Xero site yourself and log in there instead of following the link.


Step Four: Get in contact with the company

Whether it’s Xero or another company or bank you are signed up with, if you’re suspicious about an email, you can simply call them up or email them separately on a support address to see whether or not an email is legitimate. Xero has a [email protected] website specifically for this purpose.
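
The checks in Step One and Step Three can be run over a saved message without opening any link. The following Python code is an added example, not part of the original article or any Xero tooling; the trusted domain xero.com, the function names and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "xero.com"  # assumption: domain that real mail and links should use

def in_domain(host, domain=TRUSTED_DOMAIN):
    """True only for the domain itself or a genuine subdomain of it."""
    host = (host or "").lower().rstrip(".")
    return host == domain or host.endswith("." + domain)

def check_sender(from_header):
    """Step One: compare the display name with the real sending address."""
    name, addr = parseaddr(from_header)
    findings = []
    addr_domain = addr.rpartition("@")[2]
    if not in_domain(addr_domain):
        findings.append(f"real sender domain is {addr_domain!r}")
    # An address shown in the display name that differs from the real one
    # is the masking trick the article describes.
    shown = re.search(r"[\w.+-]+@[\w.-]+", name)
    if shown and shown.group(0).lower() != addr.lower():
        findings.append(f"name shows {shown.group(0)!r}, mail is from {addr!r}")
    return findings

def check_links(body):
    """Step Three: inspect every URL in the text without visiting it."""
    findings = []
    for url in re.findall(r"https?://[^\s\"'<>]+", body):
        parts = urlsplit(url)
        if parts.scheme != "https":
            findings.append(f"not https: {url}")
        if not in_domain(parts.hostname):
            findings.append(f"host {parts.hostname!r} is not {TRUSTED_DOMAIN}")
    return findings

def inspect_message(raw_message):
    """Run both checks on a raw, single-part email message."""
    msg = message_from_string(raw_message)
    return check_sender(msg.get("From", "")) + check_links(msg.get_payload())

# Constructed sample message (not a real phishing email).
SAMPLE = '''From: "placeholder@xero.com" <accounts@invoice-mailer.example>
Subject: URGENT: invoice overdue

View your invoice at http://xero.com.billing-portal.example/login
or sign in at https://login.xero.com/
'''

if __name__ == "__main__":
    print("\n".join(inspect_message(SAMPLE)))
```

An empty result only means these two checks found nothing; Steps Two and Four still apply.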


Examples of recent Xero phishing scams

At, you can see updates reporting on the most common and recent phishing scams targeting Xero customers. Some of the most recent scams include:

  • A false request for information mimicking Xero’s request for confirmation post-GDPR
  • False invoice emails marked as “URGENT”
  • Fake billing notifications

Keep up with the updates from the website to double-check whether any suspicious emails you receive match the latest variants of reported scams. These scams evolve regularly, so you may get several that don’t match one another over time.


Be wary of email phishing scams

The most sophisticated phishing scams can replicate every element of legitimate correspondence from Xero perfectly, to the point of copying their email addresses. If you are ever in doubt, use the Xero website to get in touch with a member of their support team and see if they can verify the email.