The fake invoice scam arrives in your mailbox as a supplier offering an invoice with alternative details after their payment details were “updated”. The sender can pose as an actual supplier or an employee in your organization. For this reason, businesses and organizations are advised to heighten their security measures.
How Does The Fake Invoice Scam Work
Aside from scammers pretending to be suppliers,
you might also receive scam emails asking you to renew your website domain or asking to list your site in a trade
directory. Sometimes, someone in the organization might get a call to confirm details about an order or service.
This is an advantage to scammers trying to get information from large organizations where communication between departments might be difficult.
The scam email avoids email security filters by including image versus text. Legitimate messages are rarely just an image. Here’s a scenario that usually happens in this scam:
How to Avoid the Fake Invoice Scam
- You receive an unexpected from utility provider with attachments.
- The invoice contains a phone number or email to contact for a refund on the purchase.
- The sender requests credit card or bank account details and asks you to download or install software that might contain malware.
- Unusual purchases or activity will appear on your account and your device might be infected with malware.
Once the payment reaches the account, getting it back is very difficult. Call your bank immediately to report the incident. In some cases, international transactions can be intercepted. In order to prevent this from happening to you, be proactive in identifying invoices, especially if they are asking for a large sum of money.
- Be careful when processing invoices
- Verify vendors and suppliers sending invoices
- Double-check invoice information
- Contact suppliers to confirm their accounts
- Strengthen e-mail security