FreshBooks scam email: subscription phishing emails explained, how to spot them, what to do if you get one

It comes as fraudsters have attempted to exploit the UK cost of living crisis in 2022

With Black Friday 2022 and Christmas approaching, it is not only the start of the peak shopping period but also the beginning of major scam season.

This year has already been a big 12 months for scammers thanks, in particular, to the cost of living crisis. Fraudsters have exploited the various government support schemes, and have used brand names in a bid to steal money.

One of the main types of scam used by criminals is known as phishing. A cousin of text message scamming method ‘smishing’, it can be a highly sophisticated way of getting you to part with your hard-earned cash.

The latest such scam has hit FreshBooks - a business providing self-employed people and small firms with accounting software.

So, what do you need to know about this scam - and what is phishing? Here’s everything you need to know.

Businesses have been targeted with a phishing attack from criminals purporting to be from accounting app FreshBooks (image: Adobe)

What is phishing?

Phishing is a form of criminal scam that takes place via email, text message, social media and - less commonly - phone calls. It is a type of scam used by fraudsters to try to trick people into giving them money or sensitive personal details.

Personal details they might be after include: passwords, addresses and debit/credit card details.

This scam works in a plethora of different ways, but the most common method involves the sending links or attachments via email. Should you click on them, you’re at risk of having malware installed on your computer or phone, which essentially allows criminals to access your device remotely.

Another form of phishing sees scammers attempt to persuade you to part with your money or sensitive information by impersonating people or a brand. While these messages can sometimes be (almost hilariously) badly written, as fraudsters attempt to make it around your junk filter, they may also be entirely convincing - especially if the criminals get lucky and hit on a subject or brand you’re currently engaged with.

Fraudsters use phishing to try to part you from your cash or personal details (image: Adobe)

These usually come via email and can be written in a formal style. The message is likely to be from someone you have never heard of who has never emailed you before.

It may create a sense of urgency - imploring you to act quickly. It could do so by warning you that your bank account is about to be hacked.

Or the message may promote scarcity, by, for example, offering tickets to a high-profile event or gig that has sold out. In both cases, criminals want you to act quickly without pausing to think about the credentials of the message or its sender.

Usually, scammers will send phishing emails to a vast number of people. So, the message is likely to be generic.

But if it’s a more sophisticated scam known as ‘spear phishing’, the attempted fraud will be much more targeted. It might be your team at work who gets the message, or it could even just be you.

Spear phishing attacks will see criminals research your company or personal life using social media. Typically, they will tailor the message to you to make it as believable as possible.

For example, the message could purport to come from your boss or colleague. It may say they have forgotten the password for a particular system or something along those lines. Another line of attack could see the criminal purport to be a friend who’s desperate for money.

FreshBooks has told self-employed people and small businesses to look out for scams (image: Adobe)

What is the FreshBooks scam email?

On Wednesday (23 November), SME business accounting firm FreshBooks announced it had had its brand used in a phishing scam attack.

The firm warned its customers and email subscribers on social media to look out for its usual email domain names to ensure they were clicking on official messages rather than fraudulent ones.

The handles it says it uses are or It urged people who get any other domain names purporting to be from FreshBooks to mark them as spam and delete them. If you’re unsure, contact FreshBooks directly.

That way, the messages are unlikely to appear in your main inbox again and your account is unlikely to be compromised. FreshBooks has provided some further advice on how to not be phished on its website.

How to spot phishing?

As well as looking out for a domain name that doesn’t match up with the usual one a company or brand may use, there are several other ways of detecting phishing scams. These include:

  • First-time or infrequent senders: phishing attacks are likely to be from someone you’ve never heard of. If they’re more targeted - coming from someone you know - use another form of communication to check if they actually sent the message
  • Poor spelling or grammar: while this can be as a result of attackers having poor language skills or not using English as their first language, it can be a deliberate attempt to circumvent spam filters
  • Generic greetings: most phishing attacks will not use your name and may use generic - or even bizarre, overly formal greetings, like ‘Dear sir/madam’
  • Strange attachments or links: if an already-suspicious email contains links or an attachment, avoid clicking on them

The main advice given for how to avoid being phished is to stop and think. Consider what the message is asking you to do, and how it is asking you to do it. If it’s trying to play on your emotions or create a sense of urgency, be sure to be suspicious

If you have any doubts, contact the person or company that’s sent the message to you to see if the message they’ve sent is legitimate. Should the message relate to your bank, call the number on the back of your bank card to double check.

For all other suspicious emails, find the official contact information for the person or brand and ask them about the message. But be sure to not engage with the suspected scammers at all as you might inadvertently give something vital away.