Spammers have been trying the false invoice scam for many years but now there’s a more targeted and dangerous version.
A couple in the UK lost over US$35,000 when they were tricked into paying a bill they did owe, but to a different bank account.
Their email account had been hacked so the criminals knew about their business dealings.
The baddies emailed a sincere looking invoice for an amount the couple knew they had to pay. The faked invoice looked correct but had bank details for another account opened by the criminals.
The couple saw the expected invoice in their Inbox and paid it, not realizing until too late that they’d been had.
The lesson here is the importance of securing your email account.
There’s lots of talk about using secure passwords for bank accounts etc, but rarely is the importance of email accounts considered. If someone gets control of your email account they can see what companies and banks you deal with. The ‘Lost Password’ option on many sites gives a hacker the ability to reset most of your accounts because they can intercept the lost password email.
There are all manner of scams available once someone get into your email account – so beware. Keep your email password secure and change regularly. Consider two-factor authentication (it’s not for everyone but worth considering).
