Phishing Scams of the Week: Crypto Cons, Fake Invoices, and Phone-Based Travel Traps

Note: All product and company names mentioned herein are for identification purposes only and are the property of, and may be trademarks of, their respective owners.

Every day, Bitdefender Antispam Lab flags thousands of malicious emails that impersonate major brands, play on fear, or offer fake rewards to steal money, credentials, or sensitive data. This week's top phishing trends reveal a surge in crypto-related deception, scam invoices, and social engineering tactics involving fake customer support numbers.

Here are the top picks of phishing scams spotted by Bitdefender Labs researcher Viorel Zavoiu, along with advice to stay safe:

1.      Fake Apple Pay Invoice Scam

The phony email impersonating Apple Pay claims that a $350.98 transaction is being processed, urging recipients to call a customer care number to dispute any unauthorized charges. This is a popular tactic to make you panic and call the number in the email.

This email provides no invoice number (but this is not a standard for other similar phishing emails), lacks transaction details, and pushes you to call a number. On that call, cybercriminals may try to:

• Extract personal and payment data
• Gain remote access to your device
• Trick you into sending money to “cancel” the transaction

 Stay Safe:

• Don’t call numbers listed in suspicious emails.
• Check your payment history directly via the official Apple Pay app or Apple ID account.

2.      Barclays Phishing Email (in German)

This scam email targeting people in Germany claims that a failed update led to the suspension of a Barclays account, urging the recipient to access a fake page that harvests users’ credentials.

Red flags include the generic greeting, the sense of urgency and the threat of permanent account closure.

 Stay Safe:

• Barclays won’t suspend your account over a missed update.
• Always log in via the official bank website — never click unexpected links.

3.      Travel Scam: Flight Confirmation with a Twist

The holiday/travel season is in full swing. This means flight bookings and confirmations. In this travel-themed scam, crooks are luring internet users to call a number to modify or cancel the booking. What can happen on the call? The scammers may impersonate travel agents and ask for your personal information, credit card numbers or banking credentials.  They might also try to persuade you to install remote access software so that they can “process the refund.”

Stay Safe:

• If you didn’t book the flight, don’t call the number.
• Contact airlines directly through their official websites or apps.

4.      Tech Support Phishing: Geek PC Pro Invoice

In this fake invoice scam, scammers claim you’ve been charged $364.86 for a 12-month Total AV Disc subscription. Recipients are also urged to call a number to forfeit the plan.

Once on the line, the scammer might:

• Offer a fake refund process
• Ask you to install remote control software
• Try to access your online bank

Stay Safe:

• Don’t call unknown support numbers.
• Look up your subscriptions via your bank or account dashboard directly.

5.      Ledger Phishing Scam

Bitdefender Antispam Lab also flagged a Ledger phishing campaign targeting cryptocurrency holders. The email alerts users to a July 15, 2025 data breach and urges them to “re-secure” their recovery phrase via a secure portal.

All of this is fake, and here’s why:  

• Ledger never asks for your 24-word recovery phrase.
• The company has not publicly announced a data breach.
• The link leads to a phishing site mimicking Ledger Live.
• The email uses fear, urgency, and technical jargon to push immediate action.

This isn’t the first time cybercriminals have impersonated Ledger.

Back in 2021, Bitdefender covered similar phishing tactics in the aftermath of a real data breach: Threat Actors Target Ledger Data Breach Victims – Bitdefender

Scammers continue to reuse old breach data to create fresh campaigns, tricking both seasoned and new investors.

Recent Reddit Report Confirms the Trend

A Reddit user recently shared a phishing email that echoes the same tactics:

Ledger experienced a breach on July 1st, 2025. Your wallet is at risk. Install firmware version 2.1.1 and set a new PIN...

Ledger officially responded:

"This is 100% a phishing attempt. Any attempt to get a user to enter their 24-word recovery phrase is an attempt to steal their funds."

You can follow official phishing alerts at:  Ledger Phishing Campaign Status

Stay safe:

• Never enter your 24-word seed phrase anywhere online – ever.
• Bookmark ledger.com and avoid clicking suspicious links.

·         Always check official channels before interacting with any unsolicited correspondence.

6.      Bitcoin Mining Scams Are Back (Again)

Several crypto-themed scam campaigns claimed that users made 1.34 BTC through automated mining.

Interacting with the notifications directs users to another page claiming the account will be deleted in 1 day unless they log in. A countdown clock and testimonials (e.g., “Carleton B. received $3,811.85”) are shown to increase FOMO.

 How Is This a Scam?

• Fake promises of “free Bitcoin” from idle devices
• Phishing login forms to steal credentials
• Attempts to collect withdrawal or “activation” fees

Stick to these good habits to avoid falling victim to phishing emails and scams like these:

• Never enter recovery phrases or credentials after clicking links in emails.
• Don’t call support numbers from emails or popups.

Use free scam detection tools like:

• Bitdefender Scamio – our AI-powered scam detector chatbot that helps you verify suspicious emails, messages and even QR codes
• Bitdefender Link Checker – to test if a link leads to a scam or fraudulent website
• Always verify information through official websites and apps.

For comprehensive protection on all of your devices, grab one of our all-in-one security suites that comes with award-winning antimalware protection along with anti-scam and anti-fraud technology to keep you and your family safe. And there's more: with unlimited VPN for private browsing, plus password manager and email breach check you can take care of your entire digital life.

Have you seen similar phishing attempts lately? Share your story — and help others stay safe.