So my closest relation with Xero is that I've heard of them.
Got an email saying bill is overdue, but predated.
Got a link with zero.com but opens in dropbox, phone wants to open with looper.
Thought I'd see if anyone got the same scam?
![]() ![]() |
Yup got the same one!
Hopeless to contact Xero!
Headers say from xero.com via xtra business mail!
When you say "an email saying bill is overdue", is it suggesting that you were billed by Xero themselves? Or is it from a business (but sent via Xero)?
If the former, I'd say it's a scam, if the latter then could it be someone you've done business with in the past?
Edit: sounds like a scam. See the Xero website for their scam advisories.
Finally found on Xero website:
Mar 29th, 2018 – Fake Invoice phishing variant
We’ve had reports of people receiving a new version of the fake invoice reminder phishing email, similar to those we reported in February this year.
This time, the sending address of the email is invoice@xero.com with a subject of ‘Your xero invoice available now’.
Please be aware that invoice@xero.com is not a sending address used by Xero, and this email was not sent by us.
Here is an example of the email:
If you have received this email, you should report it as phishing and delete it. Do not click on any links or attachments. The online bill link and PDF attachment in this phishing email will prompt you to download a malicious file, possibly ransomware. You can check the destination URL on a link by hovering your mouse over the link (DON’T CLICK) to see the actual destination URL. This will be displayed at the bottom of your browser window.
Batman: Got a link with zero.com
Does it really say zero.com or is that a typo?
Yup got one just now as well......
Gavin / xpd / FastRaccoon / Geek of Coastguard New Zealand
LinkTree - kiwiblast.co.nz - Lego and more
Support Kiwi music! The People Black Smoke Trigger Like A Storm Devilskin
NZ GEEKS Discord______________________________
Customer had a different one today.
It all looked legit, the link to the Xero invoice did in fact open the invoice on Xero's system, and the PDF was attached to the email as well.
Except the invoice was blank except for the companies name and GST number.
It was from some health company in Auckland that the customer had never heard of.
Opinions are my own and not the views of my employer.
My wife has been receiving quite a few of these at her workplace. She does a lot of legit work through Xero, and nearly got caught out the first time. She's since started looking at the link when hovering over it to make sure it actually goes to Xero.
ZL2TOY/ZL1DMP
That is why I prefer basic text invoices in the email. But it seems common practice for emails to be sent as PDFs. So I always just view them on the ipad.
Got a spark invoice too the other day!
![]() ![]() |