A new version of an invoice-related email scam attempt has recently been circulating. There are numerous versions using various legitimate-sounding companies and sender names, with a subject line similar to “Invoice Due #697234”, and are accompanied by embedded links and at least one attachment. Sample email wording is as follows:
Attached is the invoice for the work completed at your property. Payment should be remitted to the invoice below. We appreciate your business.
For security reason the invoice is password protected: 258
Should you have any questions, please do not hesitate to contact us.
As this is a confirmed scam attempt, you may simply dismiss and delete the message. These emails are attempting to either of the following:
- Steal your email password with a phony invoice payment request from a company or contact with whom you may have conducted business
- Lure you into downloading a virus attached to or linked from the email.
If the attachment is opened and the user does not have anti-virus software or firewall programs on their computer, their system could be infected. As always, links and attachments in unsolicited or unanticipated emails should not be accessed unless the sender can be positively verified, as they may contain viruses. It is best to contact the company or person directly (without responding to that email), in order to verify the sender.
For tips to avoid being victimized, and to report or seek advice on dealing with fraud and scam attempts, contact Cynthia Nield at cnield@lians.ca or 902 423 1300, x346.