The lowdown on phishing scams and fraudulent emails


Recently, we’ve been made aware of fraudsters trying to scam clients of the excellent cloud accounting app Xero.

Internet banking and cloud accounting have rigorous and extensive security measures to protect users from illegal activity.  However, just as in the ‘real world’, there will always be fraudsters trying to ‘phish’ for your details, so it’s worth being vigilant to any suspicious activity.

‘Phishing’ is an attempt by criminals to steal your information, whether that’s your banking details, or your usernames and passwords.  It normally occurs via email, when they send the victim a seemingly authentic email from a trusted source, asking them to open a link or attachment or download a file.  This will usually either ask for the information in an apparently trustworthy way (such as a pop-up message that looks like it is from your bank), or will download software onto your computer to steal it from under your nose.

So how do you know if it’s a scam?

Phishing emails are increasingly sophisticated at spoofing legitimate messages, but there are some tell-tale signs that can give away a fraudster:

  • Asking for information they should already have.
  • Calls for urgent action – ‘Pay this invoice or your account will be closed’ is the sort of fake urgency a fraudster would create. If you think it may be urgent, telephone the company involved.
  • Bad spelling and grammar – obviously real companies sometimes get this wrong too, but an email peppered with basic mistakes is a bit suspicious.
  • A different URL to the one displayed in a link – instead of clicking on a link, just hover your mouse over it. If the address that pops up is different to the one named in the link, that’s a problem.  Never click on it to see if it’s a valid link.
  • Offers too good to be true – a random stranger depositing money into your Paypal account, winning a competition you hadn’t entered, a huge reward for a tiny effort – if it sounds too good to be true, it probably is.
  • A change of tack – if an email looks a little different from the usual ones the company sends, be suspicious. If it has come from a slightly new address, or it is addressed to you in a different way, it could be fraudulent.  Fraudsters often register fake domain names which look similar (but not identical) to genuine sites, for example instead of

Never reply, and never open a link or an attachment in a suspicious email – not even just to see if it’s real. 
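
The mismatched-link sign from the list above can be checked without opening the link at all. The following is an added example, not part of the original article: it reads an email's HTML and reports every link whose visible text is a web address on a different host than the real destination. The function names and the sample email are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Visible link text that is itself written as a web address.
URLISH = re.compile(r"^(?:https?://)?(?:[a-z0-9-]+\.)+[a-z]{2,}(?:[/:?#]\S*)?$", re.I)

def host_of(address):
    """Hostname of a URL or bare address, lowercased, without a leading 'www.'."""
    if not address.lower().startswith(("http://", "https://")):
        address = "http://" + address
    try:
        host = (urlsplit(address).hostname or "").lower().rstrip(".")
    except ValueError:  # malformed address
        return None
    return host.removeprefix("www.") or None

class LinkAuditor(HTMLParser):  # records links whose text and href hosts differ
    def __init__(self):
        super().__init__()
        self.href, self.text, self.findings = None, [], []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.href, self.text = (dict(attrs).get("href") or "").strip(), []

    def handle_data(self, data):
        if self.href is not None:
            self.text.append(data)

    def handle_endtag(self, tag):
        if tag != "a" or self.href is None:
            return
        shown, href, self.href = "".join(self.text).strip(), self.href, None
        if not URLISH.match(shown) or not href.lower().startswith(("http://", "https://")):
            return  # text is not an address, or href is mailto:, relative, etc.
        shown_host, real_host = host_of(shown), host_of(href)
        if shown_host and real_host and shown_host != real_host:
            self.findings.append((shown, real_host))

def mismatched_links(html_body):
    """Return (visible text, real host) for every link that shows one host but goes to another."""
    auditor = LinkAuditor()
    auditor.feed(html_body)
    auditor.close()
    return auditor.findings

# Constructed sample email body; every domain here is a reserved example name.
SAMPLE = """<a href="https://billing.example.net/login">https://www.example.com/login</a>
<a href="https://www.example.com@pay.example.org/">www.example.com</a>
<a href="https://www.example.com/help">example.com/help</a>"""
```

Calling `mismatched_links(SAMPLE)` flags the first two links and passes the third. A link whose text is ordinary wording such as "View invoice" is not flagged by this check, so the hover test still applies to those.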

Contact the company that it appears to be from, and delete it from your Inbox, before running an Anti-virus scan.  If the email appears to be from Xero, they have a dedicated email address ( ) that you can use to report phishing attempts.

Xero also maintain the Security Noticeboard, which records possible threats and advises you on how to tackle them.

