Spam-Phishing Emails - Invoices, Bills, and Past Due Notices
Phishing schemes come and go. They are like waves in the ocean where sometimes a few types are at a high while others are at a low. Analysts are always looking at these trends and trying to keep up with the latest developments for each type of email scam. Sometimes an old scam returns in the same way as it started. Usually, there are small tweaks made to improve the likelihood that the email will make it past the spam filter and into your inbox.
One scam that has been used since early on in the email world is the “you owe money” one. This is when you receive an email stating that there is an outstanding balance or past due amount that you owe for something. It can be personal or related to your company and seem legitimate.
There might be a link with a message stating to click on the link to view the invoice or login to your account for information.
Other times there is a Word, Excel, or PDF document attached to the email with a message stating that details can be found by opening this attachment.
The best thing you can do when you receive a suspicious email like this isn’t to run a virus scan, ask your friends, and (certainly) not to open the link or attachment; The best course of action is to contact directly the person or organization stating that you owe money and ask them if the email is legitimate and that you owe money.
Here is the tricky part: if the email is a scam, the contact information provided is likely bad, too. The email, website link, phone number, etc. likely connects you with the criminals who will only try to convince you that the email is legitimate.
So what do you do?
Easy: If it’s an organization, open a browser and Google the name of it and find its contact information. If a person you know, pull their contact info from your email or phone contact list, or, if you don’t have it, check LinkedIn or Facebook and message them. If you don’t know the person or can’t find the organization it is likely a fake one created for this scam.
Send a quick message or email, or make a phone call to ask about the email you received. If you have to wait for a response, close the email and don’t worry about it until you hear back.
If the contact reveals that you don’t owe money, then it’s a fake and should be deleted from your inbox.
This process applies to a variety of scam email situations beyond past due notices. Here are some other types of email scams to watch out for where you can respond in the same way:
- Need Additional Information: A company or organization may be represented in these emails stating that you need to submit additional information for whatever purpose. Could be for an account, taxes, a loan, or otherwise. Rarely, will a company need additional information unless you have recently involved yourself in a process where this is likely, such as applying for a loan or similar.
- Contract: “Your contract is attached” or “your digital signature is needed” may be the header. The email may present itself as being from DocuSign, Adobe, or another digital contract provider. It also state to be from your TV or telecom provider, such as Time Warner, Comcast, AT&T, Verizon or otherwise. Be mindful that if you didn’t expect this, it’s most likely a scam.
- Lending or Business Opportunity: This world requires money to run and your mind may be on needing a loan, line of credit, or getting involved in a business to make more of it. Keep in mind that many emails claiming to be a legitimate organization will come through and be enticing. Be mindful that if you didn’t sign up for it, it’s likely fake.
When it doubt, find contact information outside of the email and contact the organization or person to confirm or deny its legitimacy – it’s as simple as that.