There is a very simple scam whereby the scammer sends out invoices by email or letter to random people and businesses claiming to be due to be paid or maybe overdue. Note: this is not the same as receiving an email labelled as an invoice but with an attachment that contains malware.
What is the point of this?
Some people and some businesses when faced with an invoice that looks real will pay without verifying that they actually ordered the item referred to and have received it.
The scammers make the verification process difficult .e.g. a local hospital received a printed invoice for an iPad provided by medic.com. The letter had the name of a medical building opposite the hospital but the hospital’s postcode.
The letter was passed backwards and forwards between the two buildings looking for someone who recognised it.
Fortunately the invoice wasn’t paid – it was finally recognised to be fake.
A real invoice would have the buyer’s name on it plus the department name and a purchase reference of some kind that could be traced.
Also in this case, the company logo for medic.com was clearly badly printed and it makes no sense for a medical supplies company to be providing an off the shelf computer such as an iPad.
If you’re an individual and you receive one of these scam emails or letters, hopefully you will know that you haven’t ordered the listed product or service and hence that the document is fake.
However, it is more difficult for businesses. Businesses must ensure they always use traceable purchase references and that only a limited and agreed group of people can place such orders and hence any such invoice can be easily traced back to the relevant purchaser if it’s real.
If the attached invoice is a zip file then do not open it as it may well contain a virus or other malware.
Warning Signs of Fake Invoices
· Not addressed to a current employee
· Has no purchase reference
· The attached file is a zip file or a jar file
· You don’t know the supplier name
· The senders email address is not a business domain but Yahoo or Hotmail or similar.
Fake Invoice Vs Unpaid Invoice Scam
The unpaid invoice scam is when you receive an email claiming to be an unpaid invoice but it’s just to get you to click on a link that will be nothing to do with invoices. Those are usually a mechanism to persuade people to open attachments which contain malware. The invoice topic is simply a lure.