Skip to Content
© Justoomm | Dreamstime.com
Security & privacy

This fake invoice is scaring Microsoft Windows users into paying up

Another day, another scheme to rip you off makes an appearance. It seems as soon we come up with an excellent way to protect against cybercriminals, they are two steps ahead and find another loophole.

One of the newer schemes thieves are using incorporates vishing. Of course, vishing is when criminals conduct phishing attacks over the phone. Tap or click here for a recent warning from the FBI on the uptick of vishing scams.

A new vishing scam targeting Windows PC users threatens your wallet. Read on for more information on the clever new cyberattack that could let hackers take over your computer.

Here’s the backstory

We are all quite familiar with phishing attacks. Typically an email is sent in disguise to poke around inboxes to see who takes the bait. Vishing is quite similar, except it uses another form of technology to get you. Your phone.

Vishing is when thieves try to rip you off over the phone. Their goal is to trick you into thinking they are affiliated with a legitimate company to try and collect your data or money before you catch on. A new vishing scam targeting Windows users is making the rounds that you need to know about.

Microsoft Defender…or not

This is the third of its kind just this year. It is so well crafted that it fools even the most trained eyes. It starts with a spoofed Microsoft Defender email that includes an invoice.

The spoofed email has no misspelled words, beats Google servers and looks incredibly real. It also comes with a toll-free number for you to call.

The message doesn’t include attachments or links, which is typically a red flag that it could be a phishing scam. But the email itself isn’t the dangerous part. You can see the clever authenticity in the email in the photo above from Armorblox.

What happens if you call the number?

The email is just the setup for the scam. If you call the included phone number, this is where you could end up in trouble. Once on the phone, the scammers will attempt to get you to download software that allows them to access your PC and everything inside it remotely.

Once you’ve downloaded the software, you are at the hacker’s mercy, and you’ll be looking at potentially devastating damages.

How to handle vishing attacks

With any scam, prevention is always the best method. Here are some suggestions to avoid falling victim to vishing:

  • Don’t call numbers from unsolicited messages – If you receive unsolicited emails, texts or phone calls, do not call included phone numbers. If you have business with any company, look up its official phone number on its website to make contact.
  • Those downloads could mean troubleIT scams are some of the oldest tricks in the book. If someone calls asking you to download software, don’t do it. Tap or click here for an example of scam callers posing as phone providers and what happens if they trick you.
  • Safeguard credentials – If your login credentials are requested, do not hand them over. Legitimate businesses will not ask for this information over the phone.
  • When in doubt, hang up – If you feel rushed, nervous or suspicious, hang up the phone and give yourself time to think.

Keep reading

Shopping scams are ramping up – Here’s how to protect your wallet

Medicare sign-up is open – And phone scams are out of control

Refer friends, earn rewards!

Why not share your source of digital lifestyle news, tips and advice with others? When your friends and family subscribe to Kim's free newsletters, you earn points toward awesome rewards!

Get rewarded