
Invoices & Other Billings

Updated 01-01-2016

This is also an old game that gets a facelift from time to time.  Don't fall for the trap: many of the general guidelines apply to these often simple scams, which are meant to cause you pain!

Here is one actual example:

        Natalie Johns <JohnsNatalie74@speakeasy.net>
        FW: Invoice 2016-M#441161

        To:

        Message:  Payment_2016_March_441161.zip (4 KB)

        Dear first-part-of-your-email-address

        Please fine attached two invoices for processing.

        Yours sincerely,

        Natalie Johns
        Account Manager

       ----------

SO WHAT'S GOING ON HERE:
  1. The e-mail address that "sent this" is most likely bogus; if it is real, that is most likely a coincidence.  Often they will use the e-mail address then change the domain name (in this case @speakeasy.net), which may be real or bogus.  Not everyone sees this Red Flag.

  2. The FW: Invoice 2016-M#441161 subject is a smoke screen to entice you to open the attachment, whose file name carries essentially the same information.

  3. The "To" field uses the last name only with no capitalization.  Another Red Flag.

  4. What two attached invoices?  There is only one attachment.  This is another trap to get you to open the attachment because you see only one.  Red Flag.  A legitimate company would most likely attach the two separate invoices for your examination.  That's the way their computer systems are normally designed.

  5. One Red Flag seen often is the size of the attachment, shown by the (4 KB) after Payment_2016_March_441161.zip.  Many high-risk attachments seem to be 4 KB (4 kilobytes) in size.  Also note that they will change the year and month name to make it look authentic.

ARE THERE OTHER SIGNS TO WATCH FOR?

Certainly.
  1. If you are doing business with these people, why do they use only part of your full e-mail address?  Why is nothing capitalized?  Where is your first name?
    Why?  Because they have no idea and don't care; their game is to play a mind game and get you to open the attachment.

  2. If this was legitimate, why is there no reference to the charges?  Would you pay a bill that did not specify details of the transaction?  If you would, rethink how you handle money.

  3. Why no company information?  They don't have a company name!

  4. Why no address?  They will stay in business for only a few days, and they are not looking to get anything from you except the hope of causing real pain and suffering when you open the attachment.

  5. Why no contact information in case there is a dispute?  Because there will not be any dispute, as your PC may be so trashed it is unusable.
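
The red flags from both lists above, checked automatically against a message built to resemble the quoted one.  This is an added example, not part of the original page; the recipient address jsmith@example.org, the zero-filled 4 KB attachment, the 8 KB size cut-off and the flag names are assumptions made for illustration.

```python
import re
from email.message import EmailMessage
from email.utils import parseaddr

NUMBER_WORDS = {"one": 1, "two": 2, "three": 3, "four": 4, "five": 5}
SMALL_ARCHIVE_BYTES = 8 * 1024  # assumed cut-off; the page only says ~4 KB is common

def red_flags(msg):
    """Return the set of the article's red flags found in an EmailMessage."""
    flags = set()
    text = msg.get_body(preferencelist=("plain",))
    body = text.get_content() if text else ""
    attachments = list(msg.iter_attachments())
    local_part = parseaddr(msg["To"] or "")[1].split("@")[0].lower()
    # Greeting is only the first part of the recipient's address, not a name.
    greeting = re.search(r"^Dear\s+(\S+)", body, re.M | re.I)
    if greeting and local_part and greeting.group(1).strip(",").lower() == local_part:
        flags.add("greeting-is-address-local-part")
    subject_refs = set(re.findall(r"\d{5,}", msg["Subject"] or ""))
    for part in attachments:
        name = part.get_filename() or ""
        # Subject and attachment name repeat the same reference number.
        if subject_refs & set(re.findall(r"\d{5,}", name)):
            flags.add("subject-ref-repeated-in-filename")
        # Small archive: the article notes many high-risk attachments are about 4 KB.
        size = len(part.get_payload(decode=True) or b"")
        if name.lower().endswith(".zip") and size <= SMALL_ARCHIVE_BYTES:
            flags.add("small-archive-attachment")
    # Body promises N invoices but a different number of files is attached.
    claimed = re.search(r"\b(one|two|three|four|five|\d+)\s+invoices?\b", body, re.I)
    if claimed:
        word = claimed.group(1).lower()
        if (NUMBER_WORDS.get(word) or int(word)) != len(attachments):
            flags.add("invoice-count-mismatch")
    # No amount anywhere in the body: a bill with no reference to the charges.
    if not re.search(r"[$€£]\s?\d|\b\d+[.,]\d{2}\b", body):
        flags.add("no-charges-stated")
    return flags

def sample_message():
    """Constructed sample modelled on the quoted e-mail; recipient and payload are placeholders."""
    msg = EmailMessage()
    msg["From"] = "Natalie Johns <JohnsNatalie74@speakeasy.net>"
    msg["To"] = "jsmith@example.org"
    msg["Subject"] = "FW: Invoice 2016-M#441161"
    msg.set_content("Dear jsmith\n\nPlease fine attached two invoices for processing.\n\n"
                    "Yours sincerely,\n\nNatalie Johns\nAccount Manager\n")
    msg.add_attachment(b"\0" * 4096, maintype="application", subtype="zip",
                       filename="Payment_2016_March_441161.zip")
    return msg

if __name__ == "__main__":
    print(sorted(red_flags(sample_message())))
```

A message that trips several of these at once deserves to be left unopened; any single flag on its own can also appear in legitimate mail.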