Many people have been receiving phishing and/or malicious emails which say they are from Xero or use the Xero logo. Beware! Delete them! 

Please also report to Xero – [email protected] 

Make sure you check the sender’s email address. Xero says “It pays to be sceptical”. 

A genuine Xero email comes from  domain or sub-domain eg,,   

If the email comes from a strange email address, please be cautious.  

These emails try to impersonate the Xero sending addresses and may appear to do so.   

Do not click on any links or attachments if you think this might be a suspicious email! 

Many clients have recently received Fake Xero Billing notification and fake sign up verification emails.

This is an example: 


An obvious tell-tail sign – the sender address does NOT have any of the Xero domains or sub-domains mentioned above 

If you receive a fake  Fake Xero Billing notification Do not  click on the link to view your bill. The link in this phishing email will redirect you to a malicious website. 

Xero has established a special web noticeboard to share this information. See: 

Click here to read about phishing emails that have been detected like the Fake Xero Billing notification and fake sign up verification emails.   

Two other recent Xero security blogs you might find helpful to read. 

If you’re an existing Xero user, we recommend enabling Two-Step Authentication (2SA) as another layer of protection for your account. You can find out more about 2SA  here. 


Please contact us if you would like to discuss this article or the financial management of your church at [email protected] or 1300 138 627 





© Benkorp  Management Services Pty Ltd 2018