Keeping you safe online is very important to Xero. They’re aware of the increasing number of phishing scams that are targeting the customers of banks and other large companies.
A phishing scam is when malicious emails target customers by pretending to be from a legitimate company such as Xero, using an email address like firstname.lastname@example.org. They’re not targeting the company websites, but rather your login and access details. As online fraud continues to grow, they’ve put together some advice so you can stay safe online.
We’re aware of a phishing scam that’s targeting Xero customers. Xero has not been compromised in any way, and your important data is still safe with them – your security is paramount. Since being made aware of these emails they’ve been working with their phishing protection service to analyse the phishing campaign and take down the websites used.
Recent phishing emails (emails that did not come from Xero) had subject lines like:
Subject: Credit Note CN-87151 from …
Subject: ACH Approval Letter
Subject: Invoice INV-…
Emails like this contain malicious content such as viruses. If you’ve received one, don’t open it – and if you do open it, don’t click any links or attachments. Delete the email. If you’re ever concerned you’ve received a phishing email or one that pretends to come from Xero please forward it to: email@example.com.
If you’d like to know more, read their latest blog post on security.