THE DUTCH NATIONAL ANTI-FRAUD HOTLINE

Something fishy?
Report fraud to us between 09.00 and 17.00 Monday to Friday.

‘Paid invoice’ links to malicious software

30 May 2018

Cyber criminals are sending out email messages carrying the subject line ‘payment invoice’ [betalingsfactuur]. Don’t click on the link given in them; you may risk having your computer infected with malicious software (malware).

The messages are distributed by different senders. These include both Dutch and foreign organisations. The text in all these messages is in Dutch.

Recipients are made to believe that they’ve paid an invoice. They are told they can find more information about this invoice in the attached PDF file. Many recipients may be tempted to click on the image displayed in the email. Don’t do this. The images links to a .Zip file. By opening this file, you may install malware on your device.

Here’s an example of this email:

Always think twice before opening any email attachments sent by people or organisation that you don’t know. Any reference to an ‘attached invoice’ should be a red flag for you. You’ll be wise to constrain yourself and not to click on impulse. Scammers are known to use .Doc, .Zip or .Pdf files as a vehicle to spread malware.