Important information about phishing scams

We have become aware of some emails that are circulating that appear to be from XERO or Sage but are actually phishing scams.  We always encourage our clients to exercise caution when opening emails and this is especially pertinent when dealing with emails that related to financial matters.

We suggest you look out for the following signs in emails you receive, as they can be a red flag that the email may not be legitimate:

  •  Unusual “From” address: Often these will look close to a legitimate email but a slight detail may be off, such as using a zero instead of a letter O.
  •  Request for urgent action: Many phishing emails will suggest you need to take action immediately to prevent or correct a negative repercussion. This is a very cynical tactic to try and panic people   so they don’t look too closely and click through to find more information.
  •  Generic greetings: As these emails go out to so many people most will contain vague greetings such as “Dear Member” 
  •  Fake web links: If you are on a computer browser you can hover your cursor over the link and it will show the website you’ll be taken to if you click on the link. If it looks unusual in anyway don’t click on it and contact whoever the email is claiming to be from directly. Equally, a real link doesn’t necessarily mean all of the links are safe. In the fake XERO email we saw, all but one of the links did actually link back to different parts of XERO’s website. This is to make the email seem more authentic, while the main link they ask you to click is fake.

Other signs to look out for include spelling and grammar errors, low quality graphics, unusual attachment and of course, requests for sensitive personal information such as bank account details or credit card numbers.

If you receive a phishing email you can usually report it through your email host, and it’s often a good idea to let the company the fake email was meant to be from know so they can take steps to warn other customers. If you have become a victim of a phishing scam that led to you losing money you should report this to your bank and the police as soon as possible.

Author Name: