Scammers keep on trying the same trick: they are still in the business of spreading malicious software (malware) through fake invoices sent by email. Below, you will find a few recent examples.
The trouble is that these tricks apparently pay off, otherwise the criminals would stop sending invoices to people which notify them that the due date for a payment has passed. Evidently, there are still plenty of people who fall for this.
An unpaid invoice generally makes people feel uneasy and the senders of these scam emails are fully aware of this. This increases the chances of recipients actually clicking on the hyperlinks given in these messages. If they do, malicious software may be installed on their computers.
Of course, the criminals may also send out fake invoice as a way of obtaining confidential information from the recipients or to get people to pay a non-existent invoice. The examples below have all been designed to spread malware.
Very often, these invoices purport to come from telecom providers like T-Mobile, KPN or Vodafone. Here are two recent examples (click to enlarge):
For several weeks now, invoices have been sent to Dutch recipients from an Austrian or Italian domain. The language used in these email messages is Dutch. The subject is invariably the word “invoice” followed by a number:
Around the summer of 2016, there was a wave of fake invoice scams supposedly from a transport company. Dozens of variants were sent. They were all designed to spread ransomware.
The senders of such emails are hoping that the recipients will respond quickly without giving these messages much thought. Naturally, you’ll want to pay your bills as soon as possible, but you should always check whether these invoices are authentic.
When in doubt, contact the company’s customer service. If the invoice is truly authentic, it doesn’t matter if you wait for another ten minutes before paying. Don’t rush. There is no need for hasty payments.