The Business Advisory Blog

The Business Advisory Blog

Insight, news and updates from Alliott NZ Chartered Accountants, Auckland New Zealand. The views expressed here are the views of the author and should be discussed in further detail should an article be relevant to your individual circumstances.

While every effort has been made to provide valuable, useful information in this publication, this firm and any related suppliers or associated companies accept no responsibility or any form of liability from reliance upon or use of its contents. Any suggestions should be considered carefully within your own particular circumstances, as they are intended as general information only.

Greg Millar
Published on

Fake Xero billing notification

We’ve had reports of people receiving fake Xero Billing Notification emails.

The email subject this time is ‘YOUR XERO INVOICE REVIEW’ and is being sent from the email address ‘’. The invoice numbers used may vary in an attempt to make the invoice more convincing.

Please be aware that this is not a sending address nor a domain used by Xero, and these emails were not sent by us.

Here is an example of the email:


If you have received this email, you should report it as phishing and delete it. Do not click on the link to view your bill. The link in this phishing email will redirect you to a malicious website.

If you’re an existing Xero user, we recommend enabling Two-Step Authentication (2SA) as another layer of protection for your account. You can find out more about 2SA here.

Source: Xero

Topics: invoices Phishing security Xero