Skip to main content

Be warned: Sage scam invoice email is doing the rounds

If you use Sage accounting software, or any of the company's services, then be aware that an email scam is doing the rounds with the express intention of loading your PC up with malware.

Security expert Graham Cluley brought this to the attention of the Internet at large, posting on his blog (opens in new tab) after he'd received a fake email purporting to be from Sage (it was from a address). The email consists of a demand to pay an outstanding invoice.

It simply reads: "Please remit BACs before 12/06/2014. Please view complete invoice please click here."

Highly unconvincing, of course, with all the usual clues of a scam including being overly brief, and poorly written with a minimum of effort made.

The hope is that users will immediately be worried about what money they might possibly owe sage, and will click on the attached invoice to download it. Incidentally, it's hosted at Cubby, a cloud storage service – another warning bell, as Cluley notes. Furthermore when you unzip it, the invoice isn't any kind of document file as you might expect, but an SCR – a screensaver file, a repackaged EXE often used to hide viruses (as when first seen, it may not ring as many alarm bells for some folks as an actual EXE).

If you open the file, naturally enough you'll be infected, apparently in this case by a Trojan.

So, Sage users be warned. Sage has confirmed that the email is a dodgy one – Catherine Sheldon of Sage UK told Cluley: "It is a spoof or phishing email and isn't actually from us. We've heard of a few of these lately and if any of your readers are concerned that they've also received one then they should visit our blog post for some advice on how to identify spoof or phishing emails and what they can do with them."

You can check out that advice here (opens in new tab) – apparently such spoof Sage emails have been circulating since last autumn.

Darren Allan
Darren Allan

Darran has over 25 years of experience in digital and magazine publishing as a writer and editor. He's also an author, having co-written a novel published by Little, Brown (Hachette UK). He currently writes news, features and buying guides for TechRadar, and occasionally other Future websites such as T3 or Creative Bloq and he's a copy editor for TechRadar Pro. Darrran has written for a large number of tech and gaming websites/magazines in the past, including Web User and ComputerActive. He has also worked at IDG Media, having been the Editor of PC Games Solutions and the Deputy Editor of PC Home.