Xero branding exploited in new phishing scam

Posted by Emmanuel Marshall on 15 May 2018 09:53:02 AEST

The online accounting platform, Xero, has been brandjacked in a new phishing attack.

MailGuard has intercepted an email scam using fake Xero branding to deceive victims into submitting their Microsoft login data to a phishing site.

The scam message  - shown in the screenshot above - informs the recipient that they have received a large payment, AU$145.008.31, on the Xero system and they can view their payment by signing in with their Microsoft or Xero login credentials.

If the intended victim clicks on the link in the email they are taken to a fake Microsoft branded login page, shown in the screenshot below:


This phishing page is designed to harvest the victim’s login credentials, to be used in identity theft.

An identifying feature of this scam is the sender name and address:

  • The display name is “Ginger Collins”
  • The sending address is “GingerCollins@betterbookkeepers.com”


Defend your inbox

Phishing attacks can be enormously costly and destructive and new scams are appearing every day. Don’t wait until it happens to your business; take action to protect your company, now.

Effective cybersecurity requires a multi-layered strategy. For a few dollars per staff member per month, add MailGuard's predictive email security. You’ll significantly reduce the risk of malicious email entering your network. 
Talk to an expert at MailGuard today about your company's cybersecurity needs: 1300 30 44 30

Stay up-to-date with new posts on the MailGuard Blog by subscribing to free updates. Click on the button below:

Keep Informed with Weekly Updates



Topics: Phishing Xero scams email scams Threat Update

Back to Blog


Something Powerful

Tell The Reader More

The headline and subheader tells us what you're offering, and the form header closes the deal. Over here you can explain why your offer is so great it's worth filling out a form for.


  • Bullets are great
  • For spelling out benefits and
  • Turning visitors into leads.

Recent Posts

Posts by Topic

see all