Phishers send fake invoices

Share this page

We’ve recently heard that scammers are recycling an old phishing attempt. In this version, scammers, posing as a well-known tech company, email a phony invoice showing that you’ve recently bought music or apps from them. The email tells you to click on a link if you did not authorize the purchase. Stop – do not click on the link. That’s the new twist on an old scam.

More precisely, you just experienced a phishing attempt – that is, when a scammer uses fraudulent emails or texts, or copycat websites to get you to share valuable personal information. The scammers then use that information to commit fraud or identity theft.

Scammers also use phishing emails to get access to your computer or network – then they install programs like ransomware that can lock you out of important files on your computer.

Here are some tips to help keep your information secure:

  • Be suspicious if a business, government agency, or organization asks you to click on a link that then asks for your username or password or other personal data. Instead, type in the web address for the organization or call them. The link in the email may look right, but if you click it you may go to a copycat website run by a scammer.
  • Be cautious about opening attachments. A scammer could even pretend to be a friend or family member, sending messages with malware from a spoofed account.
  • Set your security software to update automatically, and back up your files to an external hard drive or cloud storage. Back up your files regularly and use security software you trust to protect your data.

 

Lastly, report phishing emails and texts by forwarding them to spam@uce.gov and filing a report with the FTC.

Tagged with: phishing, scam

Comments

Oh, I get buried in these things. But (1) I know what I have and haven't ordered and (2) With any email, I take my finger off the button before I put my mouse over any link, and look at the link address at the bottom left of my screen. It rarely matches who the email claims it is.

Why don't you post example images of the emails?

Hi, TonyJ! If memory serves, I tried to include a screen shot of one of the emails to them, but, per their own advice to us, they don't open any attachments! :(

On all cell phones should be some kind of device that deletes before consumers get it!

New things have to be invented for sure. These people need to be caught. There's no reason so many people's lives should be upset.

In email, look at who sent it. A mishmash of letters and numbers @whatever.com would hint you it’s not legit. Misspelled words and missing capitals or bad grammar is another red flag. On a PC you can set to block senders or by key words to filter the number of these you get.

We are under attack by actors daily as is most small business. Very time-consuming stopping to double check your operation. Sadly it's a must for conducting business. Using well-known software can help. Phishing scam, privacy violations, online security compromise is our business for it a must be to prevent lost.

got my eye on this one thanks

I copy links in suspect email then paste them in a text doc to see waht they really say and if they all are the exact same link I know it’s something to not believe.

This scam is also perpetrated using an out-of-area 855 number. I did not answer the call so they left a voicemail message. Unfortunately (or fortunately) the number was not one that could be called. People need to be aware about seemingly valid phone calls.

I have recently received two e-mails purportedly from Apple which informed me I had purchased some sort of music and the click on a link if I didn't. I recognized this as a scam and sent the e-mails to Apple.

Good idea. Your attorney general should be of help in going after people, too.

I also have received those same messages , claiming to be from apple .

I too got the same email and clicked on the link to dispute it, when that link didn't work I found out that it's scammers and now I don't know what to do,can you help?

Sometimes scammers send messages that include malware, and when you click on a link it activates the malware.This FTC article about malware (malicious software) tells what to do if you start to notice problems with your computer.

One of these low-lifes hacked into my email account and sent one of these phishing invoices to everyone on my contact list.

Yes, these are old scams and they are resurfacing. Our business has received several "Invoices", we delete on receipt. Thank you for the information

Whenever I get an email or phone call that makes me curious or interested and unknown, I don't open it or answer phone. I've been scammed using my family twice and worried alot but didn't fall for it in the long run. Always check with family involved. Also report it to FTC to help others.

I have also received a text message to click on a link. (I have a free Google Voice number, so fortunately, that's a computer number.) I get phishing emails constantly. Thank you for the reminder that phishing attacks are still prevalent and create high exposures ehich can further cybercriminal activities.

Your information on watching scammers are insightful. As business adviser, I appreciate and value your inputs. Thank you for caring and having a watchful eyes, to protect small business

Home Services Calls from area code 202. Am on NO CALL LIST. Recording with the old "Press 1." Asked to be taken off their auto-dialing. Angry and abusive, nasty person "talked over me and hung up. Called them back and requested removal and told them I was on the FTC no call list and further call would be "actionable.) Received 5 calls so far. Am keeping the phone numbers date and time. How do I "prosecute" them if they continue to bombard with phone calls?

I too get alot of emails stating that my order was ready to ship or that I have purchased something that I know I haven't. I put my mouse over the address and check out who is sending this stuff before I delete it.

I have been getting emails about a payment that I made on a credit card that I don't have as well as credit card payments that are due. I am so sick of all of the scammers!

The American Medical Association sends me Renewal Invoices even though I don't belong. I've complained to the USPS Postmaster without reply.

I have been receiving many of these emails from PayPal stating that I have ordered something. They have a website for these emails. I forward everything to "spoof" set up by paypal for these emails. Lucky for me I opened them first. Found out what to do. thank you .

I’ve gotten a few emails from my best friend and my daughter (spoofed, of course) with an invoice and a link to open the supposed invoice. My friend is a teacher and my daughter has a business. Neither of them have any reason to send me an invoice. An invoice from my daughter? Really?!? I let them know they’ve been hacked. I hover over the email address and it is not their address.

Thank you for your message.

I get several emails about credit card payments being received and about credit card payments that are due. In addition, there are emails about packages being shipped. I am sick of these phishing emails!

For protection of emails. Always set up second verification for sign in purposes. The second verification should always be notification through text or an app on your phone such as google or microsoft that notifies you whenever there is activity. open a new page to company such as Apple or Amazon and contact the company. Most of these phishing scams disguise as internet companies such as Amazon, Ebay, ITunes and PAYPAL. Also beware of online accounts with department stores as well. When not sure do not respond without contacting company

Thank you for this information.

I received email from Microsoft store to download update. Not sure if this was from Microsoft but I did order an update but it was downloaded when I purchased it. The email started with, "Hi there!" And I don't think that's how Microsoft starts an email! They usually start it with your name.

I received an e mail tonight from (supposedly) L L Bean who I often order online items from. I opened the PDF file before thinking. Of course, it was a scam, but my question is, since I opened the file, am I now in danger?

This FTC article about malware (malicious software) tells how to detect and get rid of malware if you notice it on your computer.

Beware of this type of scams, previously a subject named Philippe Bellasio in France used it in a mail network that requested data with the excuse of having won any prize and used this data to perpetrate scams or identity thefts.

Received email stating: "We recently received an order for the following product: Order Reference Number: 71525-21575- Product ID ; Product Name : Order Price: MS-12256 Microsoft Surface Pro: $3,676.88 USD - You may check the status of product here. Product status www. google. co. in/> If you have questions about the product, you may dall at 1-800-972-2370. (toll-free) Regards, Microsoft Customer Service" WE DID NOT ORDER THIS OR ANYTHING FROM MICROSOFT! - EMAIL CAME FROM: <enquiries. dept@ EPRODUCT. XYZ> Reference # 71525-21575- We did not order this - we do not want this - have directed our bank NOT TO PAY in any way for this order!

I get 2 or more phishing attempts each week that look like an Apple invoice for items I would never buy. I forward them to reportphishing @apple. com as well as to my email's junk/phishing link. When an attempt comes from a bank I don't use, I go to that bank's website and find their email for reporting spam attempts. I will also begin sending them to the link above - spam@uce.gov. These people are criminals and we need to do our part to stop them, not just safely delete offending emails.

Theft of data through false web pages.
This type of scams is one of the most used by Philippe Ballesio and his criminal organization. It consists in cloning web pages of banking entities and, like many people when they want to consult their account statement, they do not usually write the link of the bank's website in the Internet bar, but they use a search engine. This action means that, from the search engines, you can probably access a cloned page created by Philippe Ballesio. By entering the username and password of these sites, it is certain that the data of the "clients" will be stolen, which will allow the band of criminals led by Philippe Ballesio to enter the real account to make transactions and steal the balance banking.

Just like Almost Got Me above I too received an email stating I had ordered a Microsoft Surface Pro for $3,676.88 along with a reference number and a phone number that did not even resemble a real phone number. I checked all my credit card accounts and ran a full scan on my laptop. There's a special place in hell for these people.

Got the same email today. Did these scumbags tap into your bank accounts? I haven’t deleted the email in the event it is needed for evidence.

My friend received an email early hours of this morning with my name as the sender.. Addressed to my friend and it said.. I am near Adelaide. This email was not sent by me plus the senders address is the email address above?? This is highly suspicious.. Does anybody know what this is.??

Just got an email from llbean claiming I made a purchase. I checked all my credit card accounts and called llbean. They didn't recognize the order number but everything else was legit incl. the email address sent from. I did not click on the link within the email

Got an email from a hotmail account for a handyman. Receipt for services paid via cash. Project #. No links, but my name,email address, and street address were all correct. After I opened it I deleted it.

Had a one year romance and said he was a soldier, everything seemed real. He send me pictures. An ID and possport. Even send me a picture of his retirement check for $657,000,000. I have those pictures.

If you get an email and the link you click wants you to enter your email address and password, they can then login to your mail server and send to everyone on your contact list as if it were you. Your computer will not be infected but you will need to change your mail password on your mail server.

Does this look like a fake email..? What a Scam!

I am Mr Bamba Claude an Auditor Officer, PNC bank . I need your collaboration and your Services to disguise 2.5M dollars Euros from an account where we conceal the fund after Nicolas Sarkozy lost French election of 2011. The fund was part of the gift given by late Libyan president to the former French president Nicolas Sarkozy for his re-election. Pressure Under the current investigation on the issue, pushed me to contact you, nobody knows about this deposit in the bank. My intent is to contact you to aid in the safekeeping and to invest the fund with you, Reply strictly through my personal Email: bamba_ claude@ africamel. net for more details. Have a nice day, anticipating your communication. Regards, Mr. Bamba Claude Senior Audior Officer, PNC Bank

I received an email from what appeared to be from iCloud Support(s) with an attachment the yes, I opened the pdf attachment and it was an invoice stating that they had withdrawn money for 2 TB of iCloud Storage, but I never ordered it. There was no other information and it didn’t ask for any information from me and had no links to click on. So no I wonder if it activated some type of malware when I opened the PdF. Has there been any other complaints about this type of email and if so, what is the signs to look for? I checked my Apple account and did not see that this was ordered or that there was such a billing. Also checked my bank acct and nothing was withdrawn. I contacted Apple and they want me to forward the email
an an attachment, but can’t figure out how to do that on my iPhone using Outlook for my email. Help!

Received a phony invoice email today for $25 saying if I did not order the ‘Starlight’ item to click on the PDF to dispute the payment. The instruction was to not just click on the PDF but to download it first to keep it on my computer, then to open it from my computer. I immediately deleted it....

i know i have no virus or malware so how do they know when you pay a bill to send you a fake link for that place right after .

On my Gmail account that I use for signing up for newsletters and everything, I've been getting a bunch of "invoices" and "returns" and "dispute status" messages from "Ali Express" using a consistent customer name. Just today, I got my first two from "Michael Kors" for another person who is decidedly not me: one receipt and one return. My first instinct is to contact them to tell them they have the wrong address. And that's what they're phishing for! A nice sucker who will reply to these things. Noping right out of that! You should, too!

I received an email from a Ms. Baida which seems a little suspicious I have attached the email: Hello Dear, I am contacting you due to my critical illness, I have decided to give away my wealth to you as a donation for charity work. Respond to my private Email at baio@ bai-office. com for more details. Yours Sister, Ms. Baida.

Pages

Leave a Comment