How the Latest Fake Invoice Schemes Could've Been Avoided


Dena Bauckman

Intuit and Automatic Data Processing, commonly known as ADP, are two of the largest providers of business IT. So it was not at all surprising when hundreds of users received emails from these companies alerting them about past-due invoices. What was surprising was what happened when users opened the emails and downloaded the invoices: they automatically infected their machines with malware.

This is just a recent example of a well-established email scheme. First, hackers try to build trust by impersonating a well-known sender. In this case, they used spoofed email addresses that claimed to be from the Intuit or ADP invoicing departments. The text used in both emails also impersonated the professional and courteous style of business communications. Thanks to clever mimicry, nothing about these emails immediately stood out as fraudulent.

Next, hackers try to build urgency by focusing on a past-due invoice. Companies don't want to leave bills unpaid, which is why most of the people who received these fake emails immediately downloaded the attached invoice. Unfortunately, as soon as they took swift action, the malware began systematically bypassing security measures and taking hold of data. Had users been more cautious, they might have noticed that the attached invoice had a nonexistent title, but hackers know how to manipulate users into making mistakes.

These tactics are so common because they put users into an untenable situation. Most people know that email attacks are common and that the average inbox is full of threats, but identifying these threats takes time, focus, and close scrutiny. It means scouring the details of every message and carefully vetting every click in advance. That would be annoying for anyone, and for business users, it’s inefficient and counterproductive. As a result, users tend to trust what arrives in their inboxes as long as those messages are not draped in red flags.

The only solution is to take the evaluation out of the user’s hands. Perhaps they don’t have the time, expertise, or inclination to pore over every detail, but Zix has designed solutions that do.

ZixProtect includes layers of protection to defend against the latest attacks. It also offers an attachment sandbox where anything suspicious undergoes further testing and evaluation. If the attachment is safe and authentic, it’s seamlessly passed on to the original recipient. But if it’s malicious, it’s excluded from the inbox entirely. That way, users can’t fall prey to the careful traps that hackers have laid.

The Intuit and ADP emails have both been run through ZixProtect, and in both cases, the malicious code was immediately identified. Zix users didn’t have to worry about an invoice going unpaid, and they didn’t have to worry about one attachment sending their tech into turmoil. ZixProtect creates peace of mind and, crucially, keeps email and business running.