Victim: Sarah Thompson, Senior Project Manager
Incident: February 2025

The Scam:

Sarah received an urgent email with a PDF attachment labeled “Invoice #R99872.pdf” from a vendor she trusted. The email claimed that payment was overdue, and the attached PDF urged her to review and pay immediately. The PDF contained a link to a payment portal. Believing it was legitimate, Sarah clicked the link and entered her company’s payment details on the website.

What Happened:

Soon after, Sarah's computer became sluggish. She realized the email was a scam when the payment didn’t process and the vendor confirmed they hadn’t sent it. The link was a phishing link designed to steal her company’s financial information, and malware had been installed on her device.

Key Lessons:

• Always verify email senders, even if they appear familiar.
• Be cautious of urgent payment requests.
• Never enter financial information without confirming the source.