Business Email Compromise (BEC) Part 4 of 5: The Bogus Invoice

by | May 13, 2019 | Cyber Fraud

According to the FBI’s 2018 Internet Crime Report, Business Email Compromise (BEC) is the most successful method used to gain unauthorized access to networks. Techniques to do this do not need to hinge on tech savvy, either. “Social engineers,” as they are called, are people who used to be called scammers, grifters, sharpies and swindlers. They are today’s con artists, and their con is the art of constructing emails that misrepresent. There are five types of email compromises that tend to target businesses, and today we look at one method that is very common. Chances are good that you have seen it. It’s the Bogus Invoice.

The Bogus Invoice

Typical Target: Companies with foreign vendors and suppliers, online accounts and registries

Method of Manipulation: The social engineer poses as a supplier. Again, they will often masquerade behind a spoofed email address or phone number.

Objective: Masquerading as a supplier, they request fund transfers for “payments owed,” directing those payments into a fraudulent account that they control.

An Example: The Fake Domain Renewal Notice

This is one of the best-recognized scams. It is the sudden notice, via email, that the company’s domain is about to expire in a couple of days, and that if payment is not made (by following the clickable link in the message), the registration will lapse and the domain will be locked.
Here is an image of an actual Bogus Invoice, with the name of the company and its representatives altered.


How do you know it’s a fake domain renewal notice?

You can always check your domain registration status quickly and easily on Enter your domain name in the search field provided. It will come back with the report that your domain is taken (by you, of course). To the right of this alert there is a button named “Whois” – click on it. This will take you to a report with all the public registration information about your domain, and most importantly, who the actual registrar of the domain is (such as GoDaddy, DotCom, etc.) and when the domain is actually up for renewal. If the sender of the notice is not your registrar of record, or the expiry date in the notice does not match the one in the Whois report, the notice is bogus.
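The same comparison can be scripted for an accounts-payable or IT team. The following is an added example, not code from the original post: it parses a WHOIS record in the standard gTLD format (the `Registrar:` and `Registry Expiry Date:` fields) and flags a renewal notice whose claimed sender or claimed days-to-expiry disagree with the public record. The WHOIS text, registrar name, dates and the `assess_renewal_notice` function are all constructed for this example.

```python
import re
from datetime import datetime, timezone

# Constructed sample WHOIS response (not a real lookup). Field names follow the
# ICANN gTLD format; the domain, registrar and dates are made up for this example.
SAMPLE_WHOIS = """\
Domain Name: EXAMPLE-COMPANY.COM
Registry Domain ID: 0000000000_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.example-registrar.test
Registrar: Example Registrar, LLC
Updated Date: 2019-01-10T08:15:00Z
Creation Date: 2010-03-02T14:30:00Z
Registry Expiry Date: 2020-03-02T14:30:00Z
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Name Server: NS1.EXAMPLE-REGISTRAR.TEST
"""

# Constructed "today" so the example is reproducible offline (the post's date).
SAMPLE_TODAY = datetime(2019, 5, 13, tzinfo=timezone.utc)

# Expiry field names seen in registry and registrar WHOIS output.
EXPIRY_KEYS = ("registry expiry date", "registrar registration expiration date", "expiry date")


def parse_whois(text):
    """Return (registrar, expiry_datetime) from a gTLD-style WHOIS record.

    Missing fields come back as None so the caller can refuse to decide."""
    registrar = None
    expiry = None
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if not sep:
            continue
        key = key.strip().lower()
        value = value.strip()
        if key == "registrar" and registrar is None:
            registrar = value
        elif key in EXPIRY_KEYS and expiry is None:
            # WHOIS uses RFC 3339 'Z' suffix; fromisoformat needs an explicit offset.
            expiry = datetime.fromisoformat(value.replace("Z", "+00:00"))
    return registrar, expiry


def assess_renewal_notice(whois_text, claimed_sender, claimed_days_left, today=SAMPLE_TODAY):
    """Compare what a renewal notice claims against the WHOIS record.

    Returns a list of discrepancies; an empty list means the notice is
    consistent with the public record (which is necessary, not sufficient,
    for it to be legitimate)."""
    registrar, expiry = parse_whois(whois_text)
    findings = []
    if registrar is None or expiry is None:
        findings.append("could not read registrar/expiry from WHOIS; verify manually")
        return findings
    # The sender named in the notice should be the registrar of record.
    if claimed_sender.lower() not in registrar.lower():
        findings.append(
            f"notice is from '{claimed_sender}' but the registrar of record is '{registrar}'"
        )
    # The urgency in the notice should match the real expiry date (a week of slack).
    actual_days = (expiry - today).days
    if abs(actual_days - claimed_days_left) > 7:
        findings.append(
            f"notice says {claimed_days_left} days left; registry expiry is "
            f"{expiry.date()} ({actual_days} days away)"
        )
    return findings


if __name__ == "__main__":
    # A typical bogus notice: unknown sender, "expires in 2 days".
    for f in assess_renewal_notice(SAMPLE_WHOIS, "Domain Renewal Services", 2):
        print("DISCREPANCY:", f)
    # A notice that matches the record produces no findings.
    print(assess_renewal_notice(SAMPLE_WHOIS, "Example Registrar", 294))
```

In practice the WHOIS text would come from the registrar's lookup page or a `whois` client; the parser only needs the two fields shown, and it deliberately reports "verify manually" rather than "fine" when either is missing, since a thin or redacted record is no evidence that the notice is genuine.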

Educating Employees to Recognize Fraud

Making sure that employees are educated about these types of fraud, and about how to distinguish genuine invoice and account status emails from fraudulent ones, is essential. The goal of this particular kind of scammer is to make money by causing an employee to think he or she is paying for something the company needs, or for something the scammer suggests is due. Make sure employees always verify that invoices are legitimate before paying them.

Email Security Solutions are Available

Along with employee training, using effective email security software that filters out common spoofs, scams, and phishing emails is also imperative. Having an email security solution as part of a business’s security posture will prevent a multitude of malicious email scams. Since email is the most prolific attack vector for cybercriminals, we certainly recommend it.