Real Scam Alert: “Invoice Approved for Payment”

But It Wasn’t Me …

Recently, we encountered a highly convincing email scam targeting our business — and it’s one that could easily catch out any company with a finance or accounts process.

What Happened

An email appeared to come from Jason McGee (Jascom Ltd), stating that an invoice:

  1. Had been reviewed
  2. Had been approved
  3. Required immediate payment

It even included a forwarded email thread referencing a “60+ days overdue invoice” from CEO Coaching International.

There was just one problem:

👉 Jason never sent that email.


How the Scam Works

This is a classic Business Email Compromise (BEC) attack — but with a twist.

Instead of hacking an email account, the attacker:

  • Spoofs the sender name (e.g. “Jason McGee”)
  • Crafts a believable internal message
  • Adds urgency (“must be paid immediately”)
  • Targets someone likely to process payments

The goal is simple:

Get the Accounts Team to pay quickly — without questioning it.


Why This One Was Dangerous

This wasn’t a sloppy phishing email.

It:

  • Used the correct names and roles
  • Referenced a finance workflow
  • Included a realistic conversation thread
  • Applied pressure (overdue + collections warning)

In a busy office, this could easily have been processed without a second thought.


The Red Flags

Here’s what gave it away:

  • ❌ The email was never actually sent by Jason
  • ❌ No prior relationship or contract with the company
  • ❌ Urgent tone demanding immediate action
  • ❌ Payment approval via email only (no verification)
  • ❌ Slight inconsistencies in email formatting and timing

The Real Risk to Businesses

If this had gone unnoticed:

  • Payment could have been made to a fraudulent account
  • Funds would likely be unrecoverable
  • Internal trust and processes would be compromised

This is happening every day to Irish SMEs.


What We Did Immediately

  • Blocked any payment action
  • Alerted internal accounts staff
  • Reviewed email security
  • Confirmed this was a spoofing attempt (not a breach)

How to Protect Your Business

If you take nothing else from this, implement these:

1. Never Approve Payments by Email Alone

Always verify:

  • Phone call
  • In-person confirmation
  • Known internal process

2. Watch for Urgency

Scammers rely on:

  • “Immediate action required”
  • “Final notice”
  • “Avoid collections”

3. Check Email Authentication

Your domain should have:

  • SPF
  • DKIM
  • DMARC (set to quarantine or reject)

4. Train Your Team

Your weakest point isn’t your server — it’s:

A busy person trying to clear a task quickly.


Final Thought

This scam didn’t rely on hacking.

It relied on trust and speed.

That’s why it works.


Need Help Protecting Your Business?

At Jascom Ltd, we help businesses:

  • Secure their email systems
  • Implement anti-spoofing protections
  • Train staff to recognise real threats

If you’re unsure about your setup, get in touch — it’s far better to prevent this than recover from it.

[Screenshot: the invoice scam email]