Overview of phishing techniques: Fake invoice/bills
Introduction
Invoices can be a costly matter — and not always in the usual sense. Phishers believe that you would have a hard time spotting fake bills, which is why they’re increasingly using them as part of their mass mailings.
These scams happen when adversaries trick individuals into transferring funds by acting as legitimate companies. Paying just a single fraudulent bill can set you up for being a victim of a bigger fraud down the line.
Phishers can send fake invoices/bills to both individuals and companies. Last year, a Lithuanian man pleaded guilty for sending bogus invoices for computer gear to Facebook and Google. The scam allowed the fraudster to bilk the tech giants out of $123 million over the course of two years.
On an individual level, many Apple users received fake iTunes bills for purchases they didn’t make. Phishers duplicated an authentic Apple email and also placed the company’s logo on the invoice, making it difficult to determine whether it was legitimate or fake. Below is an example:
In this article, we take a closer look at how fake invoice and bill phishing scams work. You’ll learn about common attack techniques, how to identify the potential red flags and what defensive measures are available to you.
How do fake invoice/bill scams work?
Typically, these scams work in three steps:
- Phishers attempt to find contracts and names of suppliers providing goods to a particular company
- They impersonate a legitimate supplier and send bills to subordinate personnel
- They try to solidify their efforts by sending fake letters that claim to come from the actual supplier’s designated bank
Fake invoice scams take advantage of the fact that the average email user or someone handling administrative tasks for a business may not know whether any product or service has actually (Read more...)
*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Dan Virgillito. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/icjuPo84VpU/