What should I do with fake bills

Fictitious invoices come with real data via email

In the current example there are mostly links in the messages that allegedly lead "to the shopping cart", "prepared documents" or to an "online shop" in order to understand the order. Since the recipients of the emails usually do not know anything about an order and also do not know the shop mentioned, the temptation to click the link is great. But beware: do not click on anything! There is a risk of infecting your system with malware (for example so-called malware and ransomware or viruses and Trojans). The Federal Office for Information Security has examined the links of some current emails with fake invoices. They lead to a zip file that contains the "Nymaim" malware.

Real recipient data - where does it come from?

Real data of the mail recipients cause additional uncertainty: You are greeted by your name and this is also mentioned in the course of the text. In other versions - such as those sent in waves in 2016 - even addresses and telephone numbers can be found:

When correct personal information is contained in such emails, recipients often believe that there must be something to the allegations. But that doesn't have to be right. The fraudsters often take advantage of the hacked databases, telephone directories or address traders. They come to the data, for example, via supposed competitions. Checked4you, the online youth magazine of the consumer center in North Rhine-Westphalia, explains a popular scam.

Three tips for recognizing fake invoices

  1. Who is sending the email? If the displayed sender and the supposed sender in the email text do not match, something is wrong! Do not be fooled by the displayed sender name, but let your program display the e-mail address. If you want to dig deeper, check the sender in the mail header.
  2. Can I remember an order? If not, it could either be someone else who made the purchase on your behalf or it was actually a fabricated invoice.
  3. Is the data of the company correct? In the case of attempted fraud, existing companies are often named, but for example the address given is incorrect. Type names and addresses into a search engine and check the results. If register numbers are mentioned, for example from the commercial register, you can check them on handelsregister.de. If you don't find a match, ignore the request.