FW invoice approved from C2FO [email protected] - SPAM WARNING!!!

FW invoice approved from C2FO [email protected] - SPAM WARNING!!!   This email has been receive

FW invoice approved from C2FO [email protected] - SPAM WARNING!!!


This email has been received in connection with doing some business in India this week, obviously they have spotted the fact that we have been emailing to and fro with an Indian office with much talk of invoicing. Spammers have been monitoring our traffic from Office 365 and have decided to try their luck with this one:








Good news!

Invoice Status: Approved and Paid. Your remittance file is ready to download.

This link will expire in 24 hours.




8am to 8pm EST | +1 866.435.7575 | [email protected]

This email was sent on monday, may 8, 2019 to [email protected], by C2FO.

If you are subject to the jurisdiction of the European Union, please see the General Data Protection Regulation (GDPR) Personal Data Notice in the Privacy Policy.

2020 W 89th St, Suite 200, Leawood, KS 66206, USA

View in web browser | Privacy | Manage contact preferences



The link takes you to a fake Microsoft login presumably trying to catch your Microsoft 365 password or Outlook.com password, and also log the fact that you click on spam email links. The website is here:  http://securex-be.com/iTxU/[email protected]&response_code=hashishcode9o87ho978hwpujdp0p0f79h&locale=%7BEN-US%7D&ue=S0-dfj890988f7hvbQ==&realm=%7Borigin%7D 

The website is secured with a valid certificate but is not currently in use according to the home page but this may well just be a cover so they can populate the rest of it with criminal websites.

The links at the bottom just pointed to Google...?

The domain securex-be.com is just a copy of securex.be site and the certificate appears to have been made today.

Add comment