We have to be especially mindful when receiving emails regarding faxes, voicemails, and invoices.  Here are a few examples of a rash of emails claiming the recipient has received a FreeFax, a voice message, or an E-invoice from Microsoft.

The ruse of sending “faxes”, “voicemails” and/or “invoices” has been used by phishers for a while now.  If you receive emails stating there is a link to or an attached invoice, fax, or voicemail, proceed with extreme caution as these types of emails are often used to spread malware.  If the email is from an email address/sender you don’t recognize, my suggestion is to delete the email and move on.  If you do receive invoices, faxes, or voicemails via email on a regular basis, take a few seconds to analyze the email and compare it to emails previously received you knew were trustworthy.  

Look for the following discrepancies when comparing:

• Is the sender/email address the same?  Even if it is the same, continue analyzing the email to make sure the email address/sender wasn’t spoofed.

• Is the signature block the same?

• Does the fine print at the bottom match (copyright or privacy warning)?

• Is the format of the email the same?

  • Look for format differences in
    • Wording either in the body or subject.
    • Style either font or layout.

Below is a sample of a few of the senders/email addresses and subject lines used.  The email addresses are "spoofed", meaning they are faked to appear to come from the senders and email addresses listed.

Below are 3 examples of emails with the malicious links or attachments.

Below are examples of what happens if you did click links or open attachments.