SCAM ALERT! The email invoice phishing scam I almost fell for!

Phishing emails continue to get harder to spot these days. The malicious attackers are getting better at crafting legit-sounding emails, which makes it difficult for regular everyday folks to stay safe.

Most recently, my sister sent me an email that was sent to her asking if it was legit or not. Upon looking at the email, I knew it wasn’t legit right away. I had received something similar recently and dismissed it as bogus. The email reads like this…

Dear Valued Customer,
Thank You For Your Recent Purchase With Lamphered LLC by Amazon.

Your account has been set for Auto Debit from your saved billing on the account in next 24 hours.
The items will be shipped in 48 hours and you will receive a confirmation email once they are shipped.
You will receive another email with the Tracking Number.

If you want to cancel/modify your order, get in touch with us before it gets delivered @ 1 831::525::9405

Please find your order information below:

Order Number: OIU8-JHG5-CXZ2
Order Date: 10th July 2021
Order Name: Forex Machine 56” Dual
Delivery Mode: Express Free
Amount Spent: USD 789.23
Mode By: Your Checking Account

We hope you shop with us again soon.

Amazon Inc
Helpdesk : 1 831::525::9405

Another one I have seen looks like this…

Thank you for choosing Geek Squad again.

Dear Geek user, We are glad that you chose the

best security for your devices

Thank you for subscribing Geek Squad Virtual Subscription for 3years for $379.99 USD.

Your services will be valid until next update.
Your susbscription id is #GSS74818DQ4711
We are glad to have you as Geek Squad Member.
This subscription comes with 7 days money back guarantee.
If you have any issue with the service, please contact Geek Squad Support on +1 (833) 351-2470
*Working days – Mon-Sat (08:00 – 19:00)

I refer to these types of emails as Invoice email scams or subscription email scams. These emails are designed to scare you and make you act on it without thinking. You see that your checking account has just been charged $789.23! At least according to the email. First things first, the email is NOT legit. This is a scam.

The email is phishing for information and wants you to call them to hand it over. In this case, they want you to call the number, and then they will “verify” your checking account information, or your credit card information. While they pretend to verify your information, you are handing them the keys to your financial kingdom.

This is a successful email because it doesn’t get picked up as spam. There isn’t any language in the email that is particularly spammy, and there are no links in the email for the spam filters to flag.

There are a few tell-tale signs that this is a phishing email though.

The grammar is poor

One sure-fire way to tell an email isn’t legit is to pay attention to the language in the email. This sentence alone should be a red flag “Your account has been set for Auto Debit from your saved billing on the account in next 24 hours.”

CHECK: When you get an email that makes you think it could be spam, read through it VERY carefully and pay attention to the grammar errors.

The email scares you

Anytime an attacker gets you to react before you think, they win. They try to make sure to get an emotional reaction from you right away, and fear is usually their “go-to”. In this email, the fear is that you just paid a LOT of money for something that you weren’t aware of or planning on. You want to make sure the email isn’t true, so your first reaction is to call them right away.

CHECK: If an email makes you want to react right away, stop for a minute, take a breath, and think about what the email is saying logically.

The email address looks strange

This particular email came from a regular Gmail address. Something that is really coming from a company would have a company-branded email address like If it DOES have a legit-looking “from” address don’t take that as gospel that the email is legit. Email addresses can be spoofed so they appear to come from an address that the email doesn’t actually originate from.

CHECK: Expand the email header and look at the “from” and “to” addresses for any oddities.

If you are still unsure about the validity of the email you have received, you can open a web browser, or your phone and independently check your back account for any pending charges. Never click a link in a suspicious email though! always type in the URL yourself if you are unsure about a phishing email message.