What should I do if I get an invoice for a service I don't use?

Do not click any links or call the number in the email. Go directly to your bank or credit card portal to see if any actual charges were made. If not, delete the email.

Why did I get a real PayPal notification for a fake invoice?

Scammers use the 'Request Money' feature on PayPal to send fraudulent bills. PayPal sends the notification, but the content of the request is written by the scammer.

Is it safe to open a PDF invoice attachment?

Generally no. PDFs can contain malicious scripts or links. If you weren't expecting an invoice, it's safer to view your billing status through the company's official app or website.

Billing Safety

Verify suspicious invoices before you pay.

Invoice scams are a leading cause of financial loss for individuals and businesses alike. Scammers send highly realistic 'Paid' or 'Renewal' notifications for services you may (or may not) use, pressuring you to call a fake support number or click a link to 'cancel' the transaction.

Security Insight

The most common invoice scams today impersonate PayPal or Norton LifeLock. They use 'In-Platform Phishing,' where they send a real invoice request through the platform's official system, making the email look 100% legitimate even to technical filters.

Identifies fake 'Subscription Renewal' lures

Spots 'Invoice Manipulation' tactics

Protects against 'Refund' fraud loops

Analyze an Invoice Billing Safety Guide

How to spot a Fake Invoice

A professional-looking PDF or email receipt doesn't mean the charge is real. Watch out for these specific billing red flags before authorizing any payment.

The 'Refund Hotline' lure

A message claiming you've been charged $499.99 and providing a phone number to call for a refund. This is a trap to gain remote access to your computer.

Unexpected Auto-Renewals

Receiving an invoice for a service you never signed up for (like 'Geek Squad' or 'Norton') with a high-pressure 24-hour cancellation window.

Non-Official Payment Links

The 'View Invoice' button leads to a domain that isn't the brand's official site (e.g., 'norton-billing-support.net' instead of 'norton.com').

Request for 'Gift Card' Payment

Any invoice or support person asking you to pay a 'processing fee' or settle a bill using gift cards (iTunes, Google Play, etc.) is a scam.

What IsThisSpam checks before you trust a sender

Quick verdicts are useful, but the real value is understanding why something looks safe, uncertain, or risky.

Inconsistent Branding

Look for slightly off-color logos, weird fonts, or low-quality graphics that don't match the company's official corporate identity.

Generic 'Dear Customer' greetings

Legitimate companies like Apple or Amazon always address you by the name on your account. Scammers use generic greetings to blast thousands of people.

Mismatched Sender Metadata

The email says 'PayPal Billing' but the actual 'From' address is a random @gmail.com or @outlook.com address.

High-Pressure urgency

Messages like 'Payment successfully processed' or 'Funds will be deducted in 1 hour' are used to panic you into calling their fake support line.

Related guides

Use the checker for the fast answer, then read the deeper guidance for recurring scam patterns.

Refund Scam Checker

Learn how to spot the 'Support' scams that follow fake invoices.

Read the guide

Order Scam Checker

Verify suspicious shipping and purchase notifications.

Read the guide

FAQ

These are the questions people usually ask right before they click, reply, or pay.

Got a screenshot or attachment? Our AI can analyse it.

Free scan first, deeper analysis when you need it

Check the sender before you trust the message.

Start with a fast scan, then move to SuperScan when the message involves money, account access, or sensitive documents.

Analyze an Invoice Billing Safety Guide