2018 Invoice scam
The email servers of several legitimate businesses have been compromised, meaning phishing emails are being sent with links to fake invoices, receipts or insurance documents.
An Italian restaurant, an osteopath and homeware retailers are among the authentic businesses caught up in the scam.
The emails are likely trying to steal personal information or install malicious software.
The affected businesses have released warnings via social media and have taken steps to secure their mail servers.
Consumers should always alert about unexpected emails, particularly if they contain a link or attachment.
WA ScamNet advises:
- Delete the email immediately.
- If necessary, contact the business via its legitimate telephone number to confirm if the correspondence is genuine.
- If you have clicked the link, run your antivirus and/or have your computer checked by a technician.
- If you have logged into any important accounts, change the passwords on a separate device.
- Report scams or ask for further advice by contacting WA ScamNet.
See our pages on phishing and similar scams involving fake infringements and fines for more information.
Don’t sign away profits to scammers
Businesses are often targeted by scammers hoping that busy firms may sign invoices without checking their authenticity. Sometimes these fake invoices are for a listing in a publication which the business hasn’t ordered.
The scammers are often banking on admin workers, who process invoices, being unfamiliar with all of the company’s financial transactions and letting a false invoice go through the system. Bosses may simply have a stack of papers to sign and be too busy to check all the details.
The type of services these fake bills may require payment for are:
-
Advertising in an industry magazine
-
Securing an inclusion on an international online database
-
Registering a web address or trademark
-
Office supplies
Chances are these invoices will have the name of a current and relevant member of staff. This has usually been obtained by a phone call where the receiver may have been asked to provide business details for a supposedly free trial of some sort or under the guise of business survey.
As well as being addressed to an employee, the bill is likely to look authentic in terms of document layout and formatting. The amounts can vary from $300-$1,000, which may go unnoticed by a business, however, if paid by multiple businesses amounts to a hefty profit for the operators of the dodgy scheme.
Sometimes the people behind these false billing schemes threaten a non-paying business with legal action. Experience tells us they will not achieve an outcome in Court because they have deceived the business and broken the law themselves by making a demand for payment under false pretences e.g. for services or goods you didn’t want, order, need or perhaps even receive.
Consumer Protection handled some 142 enquiries between March 2011 and February 2012 about unsolicited invoices. That's an increase on the previous 12 months – there were 90 enquiries from March 2010 to February 2011.
It’s not just a problem in Western Australia though. We know that in Victoria, for example, there were almost 300 reports of this kind of scam in 2010-11. It led to Consumer Affairs Victoria producing a six-part series of one minute YouTube videos called ‘Stevie’s Scam School’ to benefit businesses across Australia.
You can view these videos and also find a number of other new online tools to help businesses protect themselves from false billing and unauthorised advertising scams on our Tools for small businesses page.
You should also follow these tips to avoid business scams:
-
Make sure staff who pay invoices or answer phones are aware of these scams
-
Never pay anything that has not been authorised or fully understood.
-
In the case of a magazine or newsletter subscription or advertisement, require evidence of distribution before payment of the account
-
Don’t take verbal assurances on their face value, always check
-
Request a copy of the signed authority upon which the order was placed