Member-only story
Email invoice fraud is alive, well and profitable. But you don’t have to be a victim.
Invoice fraud is an old scam when a scammer sends fake invoices claiming to be from a genuine supplier. The invoice often says that payment information has changed and you need to use the new method. In many cases, the scammers may know of existing vendor relationships. The fraud is only discovered when the legitimate supplier follows up on non-payment.
If payment is made to these scammers, it is almost impossible to get the funds back. That is why finance teams need to have formal processes for making payments to suppliers, especially when payment details are changed.
The Internet, combined with cheap bandwidth and messaging, has made fraud in general and invoice fraud specifically, much more scalable for scams. Suppose a scammer wanted to send 2 million paper invoices to businesses across the USA. The postage alone would be more than $1 million. But sending 2 million emails can be done for under $100.
I am regularly receiving scam invoices in my email inbox. A recent popular invoice scam is around autorenewals for Norton anti-virus. As you can see from my Gmail spam folder, I have gotten 10 of these in recent days.
A quick perusal of these emails shows they are screaming out that they are scams. For the following reasons:
- Some have Norton misspelled
- None of them identify the customer by their name or business. Rather DEAR member, dear honest PURCHASER, dear SPECIAL buyer, DEAR special consumer, and DEAR precious customer
- It was sent from a Google Gmail account.
The invoice in these emails is in the $200-$300 range. So initially, the scam is not seemingly significant. Even if someone is a victim, the dollar amount is not substantial. But if one calls them to cancel your autorenewal, you will be told that you first have to connect to a cancellation page, as you can hear in this call with a scammer.
After filling out the form, they want you to install AnyDesk remote desktop software. AnyDesk is a remote control…
