Skip to main content

Fraudsters are constantly evolving the ways in which they target their victims, and reports have emerged of a new sophisticated email scam.

Financial Fraud Action UK have warned that fraudsters are now targeting businesses with a new ‘invoice email scam’. Due to the nature of this scam, if you’re self-employed, freelance or on a contract, you’ll need to know how to protect yourself against it.

What exactly is it?

Fraudsters send out emails with fake invoices attached. When unsuspecting victims open these attachments, your computer is infected with dangerous software. This software then goes on to give fraudsters access to information stored on your computer, such as online banking details.

The email will often look genuine to the untrained eye, but this is because scammers typically mimic the email address of someone legitimate, like a supplier or colleague to try and trick you into thinking that the invoice is real. The invoice will come in the form of a document or spreadsheet, but you’ll have to enable something called a ‘macro’ to view it. This macro is what installs the vicious malware, which has the ability to infect your whole computer.

This software will log your online banking details, as well as other financial information it can find letting the fraudsters access your accounts and potentially stealing your money.

How can you avoid it?

Anyone that receives invoices on a daily or weekly basis will need to be on the lookout for a scam like this. So to make sure that you have all the right information to protect yourself, follow our top tips:

1. Be vigilant when going through the invoices that you are sent. If you receive a suspicious looking email that seems to be from a reliable source, don’t reply to it. Instead, contact the company from the number that you have on file for them and check the authenticity of it.

2. Don’t enable macros on documents that you don’t trust.

3. Make sure that you have up-to-date anti-virus and security updates installed on your computer.

4. Ensure that you have firewalls in place to detect malware and prevent any of your data from leaving your computer without your permission.

5. Look out for poor spelling or grammar in emails, this can be a sign that it’s a fraudster rather than a professional organisation.

Legal Information