TR-51 - How to react to fraudulent acts of third party invoicing or requesting funds without showing any purchase order

TR-51 - How to react to fraudulent acts of third party invoicing or requesting funds without showing any purchase order

Back to Publications and Presentations

  1. Overview
  2. Details on the scams
  3. Scams examples
  4. Fixing, re-mediation and mitigation
  5. References
  6. Classification
  7. Revision

You can report incidents via our official contact including e-mail, phone or use the Anonymous reporting form.

Search


CIRCL is accredited TI CIRCL is a FIRST member CIRCL is an OASIS member

Overview

There are many deliberate fraudulent acts occurring frequently in Luxembourg as means of securing unfair or unlawful gains, of which fake bills and advertising scams are unfortunately common. CIRCL is often contacted by victims of such scams, and would like to issue a clear warning related to such frauds as false billing, fake invoicing or related fake advertising.

This TR document describes the nature of the scams and provides hints on how to react.

Details on the scams

Businesses, either big or small, often receive suspicious physical letters via postal services or unsolicited email messages. Among those, many fake billing and advertising scams exist which can be grouped into three categories:

  1. Quotes looking like bills - These are quotes crafted to look like invoices or bills, requesting payment for goods or services that never were received. CIRCL insists upon the fact that all fine prints should be read on any invoices, supposedly fake or not, as most of the time this will identify the true nature of these scams. An example of such scam is reproduced hereafter. Since this is not a proper bill, no further action is required besides reporting the fraudulent documents to the appropriate authorities. Creating such documents does constitute a fraudulent act under Luxembourg law.

  2. Fake invoices - Such invoices include no fine print, but simply demand payment for goods or services that you never ordered or never received. Ask for written proof of the original order. The sender must be able to present evidence of your alleged purchase.

  3. Advertising fraud - Unsolicited email messages offering advertising, directory entries or other services. Remember, you’re under no obligation to reply. Again, the purpose of the message is fraudulent, in the sense that victims most often believe that the received mail does not constitute a commercial offer. Most of the time, the true nature of the document is revealed in fine prints. Once you’ve signed and returned the offer, you might end up in a deal that is binding.

Scams examples

Here is an example list with fraud letters received by trademark holders from third parties recorded by the Benelux Office for Intellectual Property (BOIP). The recipients of these letters are often under the impression that they originate from BOIP, EU IPO, WIPO or some other official agency:

Similar lists, with example letters including misleading invoices can be found on the websites of EUIPO and WIPO.

Fixing, re-mediation and mitigation

If you think you’ve been scammed you should report the incident to the Police that will help you proceed. For scams implying on-line activities, do not hesitate to contact CIRCL.

If you think you’ve been targeted by a scam, you should also report it to CIRCL so it can be investigated and eventually added to Information Sharing Platforms to further information exchange with the relevant actors and thus anticipating or even eliminating malicious actors and future abuse. Please try to keep as many proofs as possible (e.g. envelops or/and mail exchanges), as any details can help.

Implementing best practices to train staff to recognize such attacks early on is of utmost importance. A trained eye can better spot malicious content then a lazy one.

N.B: Coincidences can also be a source of confusion. Sometimes legitimate purchases from a big on-line retailer for instance, could overlap with a fake invoice wherein you are asked again to pay a certain amount. This does not necessarily mean that the retailer has a security issue but might be pure coincidence. Having proper business processes in place to verify any external communications related to purchases or other contractual obligations should be in place and regularly tested and amended if need be.

References

Classification

TLP:WHITE information may be distributed without restriction, subject to copyright controls.

Revision

  • Version 1.0 - TLP:WHITE - First version - 20171123