none

Complete I.T. Blog

An Increase in Fake Invoices Sent from 365 Accounts

by | Oct 1, 2018 | Cyber Security

Fake-invoices

Today we bring you some advice straight from our helpdesk team who have seen an increase in fake emails being sent from Office 365 accounts. This latest cyber-attack method sees an email coming from an apparently familiar domain requesting a statement of accounts – in other words, the supplier, let’s call them X, receives an email from their client, let’s call them Y, asking to see how much they owe X along with requesting details on how to pay.

These emails are received via slightly different domain addresses, but to the untrained eye this is very easy to miss as the email layout, sender name and signature will all appear as if they have come from the legitimate address.

Unaware that this is an attack, X sends said statement of accounts to the email address that requested it. As the requesting address is a fake domain setup by the attacker, they then gain access to an official statement of accounts that should have been sent to Y (or not as the original request was fake).

The attackers are then able to change the bank account details on the statement of accounts and send this fake copy over to X’s legitimate customers explaining that this is what they owe and details of how to pay. Again, to the untrained eye of the user receiving this statement, they will most likely be none the wiser and will forward to their accounts team to settle the payment. Any payments sent to the bank details on the invoice will end up straight in the attacker’s bank accounts, ultimately meaning X believes they have settled their payments with Y, when in reality Y didn’t send the statement in the first place.

The helpdesk team have put together these 4 steps in checking that any emails you receive are in fact legitimate and not a phishing attack.

  • Is the email unexpected?
  • Is the sender unknown? In other words, does the domain actually match who they say they are?
  • Does the email have any links or attachments it wants you to open?
  • Is it written in poor English, or have grammatical mistakes?

If one or more of the above can be answered ‘Yes’, then there is a possibility the email is not genuine. The more ‘Yes’s’, the higher the probability that this email is actually a cyber attack. If you would like to discuss this further and understand the measures we can implement to prevent your organisation falling victim to these kinds of attacks, please contact us today.

Website Pop up - Have you registered yet data protection Webinar

Get In Touch

Contact Us

Head Office 01628 243 057
Email info@complete-it.co.uk


Peterborough – 01733 731 367
Swindon – 01793 934 307
Oxford – 01865 800 008
Bristol – 01172 420 786
High Wycombe – 01628 243 057
London – 02078 462 332
Manchester – 01618 234 107
Birmingham –01214 610 315

x