Common Email Scams You Need To Know About (How To Protect Yourself)

If you've been getting suspicious emails lately that seem almost too real, you're not imagining it. Scammers have gotten extremely sophisticated, and in recent years, they've shifted their tactics from obvious spam to near-perfect imitations of tools and platforms you use every single day. I'm talking about things like digital party invitations, document signing requests, and invoices. On the surface, they look completely normal. That's exactly the point.

I've personally experienced this—both in my personal inbox and in my business inbox at Clever Girl Finance. And it's prompted me to write this post, because if it's happening to me regularly, it's definitely happening to you too.

In this post, I'm breaking down three of the most common email scams circulating right now, sharing what they look like in real life, and giving you a clear action plan for what to do if you encounter them.

Scam #1: The evite (fake party invite) scam

You open your inbox and see an invitation. A birthday party. A baby shower. A celebration of life for someone's loved one. The name on the invite might even be someone you know. So you click—and just like that, you've walked into a trap.

This scam has seen a significant rise in recent years, with Evite itself flagging a notable uptick in phishing activity. Scammers send fake digital invitations that perfectly mimic real platforms like Evite, Paperless Post, and Punchbowl—complete with their branding, formatting, and even a sender name you might recognize. That familiar name could belong to a friend whose email account was hacked without them knowing.

I get these in my personal inbox on a fairly regular basis, and what makes them so unsettling is how convincing they look. Some appear to come from people I actually know—which tells me those contacts accounts have been compromised.

Others are for emotional events I wasn't expecting, like a celebration of life for someone I've never heard of. A couple of them genuinely made me pause before I looked more closely at the sender's email address. The emotional framing is intentional. Scammers know that an invitation to honor someone's memory lowers your guard immediately.

Why it works

It plays on our deeply human desire to feel included and to show up for the people we care about. A party invitation is the last place most of us expect a scam, so our guard is completely down. By the time something feels off, we may have already clicked a malicious link, entered our login credentials on a fake site, or unknowingly allowed malware onto our device.

What to look for

• The sender's email address looks slightly off. Always check past the display name to the actual address
• The invite is unexpected or out of character for that person
• The link URL doesn't match the platform's official domain when you hover over it
• The page asks you to log in or create an account just to view the invite
• The event has an emotional hook designed to make you act quickly without thinking
• Something just feels off—trust that instinct

What to do

• Do not click any links in the email
• If you already clicked, clear your browser cache and cookies and run an antivirus scan on your device
• Report it as phishing in your email client
• If the invite appears to be from a friend, let them know their account may be compromised and they may not be aware
• Report it to the FTC at reportfraud.ftc.gov

Scam #2: The DocuSign scam

If you've ever signed a contract, lease, offer letter, or business agreement online, you've probably used DocuSign. It's one of the most trusted tools in business, and that trust is exactly what scammers are exploiting.

Cybersecurity researchers at ESET have tracked high spikes in fake DocuSign phishing attacks over the years. These emails are so convincingly crafted that even careful, tech-savvy people are getting fooled. And in the most advanced versions, scammers are actually using DocuSign's own infrastructure to send the emails—which means they pass standard security checks and land directly in your inbox without being flagged as spam.

In my business inbox at Clever Girl Finance, DocuSign scams show up multiple times a week. Most of the time I can spot them quickly, but I'll be honest, a couple of them have given me a moment of pause because the formatting was so on point.

What usually tips me off is that I wasn't expecting any document, or the sender's email address doesn't quite add up when I look carefully. The ones that try to mimic contract requests for brand partnerships or sponsorships are particularly convincing, because those are real things that land in our inbox regularly.

How the scam shows up

You get an email that looks exactly like a standard DocuSign notification—the logo, the “Review Document” button, the familiar layout. It says something like “Please review and sign this document”, or “Action required: your document is ready.”

When you click, one of a few things can happen: you're redirected to a fake login page designed to steal your credentials, you're prompted to grant permissions that give the scammer access to your accounts, or a PDF attachment contains a QR code that routes you to a malicious site.

Some versions go further and include a fake invoice from a well-known brand like Microsoft or PayPal, claiming a subscription has been renewed, and pressuring you to call a fake support number.

Red flags to watch for

• You weren't expecting any document to sign
• The email includes a PDF attachment. Real DocuSign signing emails never have these
• The sender's address doesn't end in @docusign.com or @docusign.net
• The greeting is generic, like “Dear Customer” instead of your name
• There's urgency or pressure:”act within 24 hours”, or your account will be affected
• The email includes a QR code asking you to scan it
• “Review Document” button links somewhere other than docusign.com or docusign.net

What to do

• Don't click anything in the email, instead, go directly to docusign.com and log in to check if a real document is waiting for you
• Forward suspicious emails to spam@docusign.com. DocuSign has a dedicated team that reviews these
• If you entered your login credentials anywhere, change your passwords immediately from a separate, clean device
• Enable two-factor authentication on your DocuSign account and any linked email accounts
• Report it to the FTC and your email provider

Scam #3: The fake invoice scam

This one hits differently if you run a business, do freelance work, or manage finances for your household or organization. The fake invoice scam is one of the most financially devastating fraud schemes out there, and it has evolved significantly with the rise of AI.

Here's the basic version: you receive an invoice that looks completely legitimate. It appears to come from a vendor you work with, a subscription service you use, or a utility provider. Everything looks right—the logo, the format, the sender name. But the payment details have been quietly changed. You pay. The money goes straight to the scammer. And you don't find out until the real vendor follows up asking where their payment is.

In more sophisticated versions, scammers construct an entire fake email thread—sometimes impersonating your own team members or executives—complete with a manufactured approval and a sense of urgency. Some even throw in a fake early-payment discount to make you feel like you're doing something smart by acting fast.

The Association of Certified Fraud Examiners estimates that businesses lose about 5% of their annual revenue to fraud each year, with invoice fraud being one of the leading causes. For small business owners and freelancers, even a single fraudulent payment can cause serious financial damage.

At Clever Girl Finance, fake invoices land in our business inbox multiple times a week. Some are clearly scams—for services we've never used or from companies we've never heard of.

But others are more targeted. We've received emails that appeared to come from real vendors we work with, with slightly altered payment details. The tell is usually a small change in the email domain or bank details that don't match what we have on file. It's a good reminder of why we have a verification process in place before any invoice gets paid.

Common versions to know

• A vendor suddenly emails asking you to update their payment details; the bank account has changed
• An invoice arrives for a subscription renewal you don't recognize (Norton, PayPal, and Geek Squad are frequently impersonated)
• A threatening overdue invoice arrives claiming services will be shut down if you don't pay immediately
• Unsolicited products arrive in the mail, followed by an invoice for items you never ordered
• A fake email thread appears to show internal approval for a payment you don't recognize

What to do

• Always verify new or changed payment instructions by contacting the vendor directly—using contact information you already have on file, not what's listed on the suspicious invoice
• Slow down whenever there's urgency. That pressure is intentional, and it's designed to make you skip your normal verification steps
• Review every invoice carefully for unfamiliar vendors, mismatched contact information, or payment details that differ from your records
• Set up a formal approval process for payments, especially any that involve new payees or updated banking details
• Report it to the FTC at reportfraud.ftc.gov and the FBI's Internet Crime Complaint Center at ic3.gov

Expert tip: Do your due diligence

Before clicking any link in any email, hover your mouse over the button or link first. The real destination URL will appear in the bottom left corner of your browser. If it doesn't point to the sender's official domain (like evite.com, paperlesspost.com, or docusign.com), do not click it no matter how real it looks.

Also worth knowing: real DocuSign emails never include PDF attachments and will always address you by your name, never as “Dear Customer.” And when it comes to invoices, make a simple rule for yourself; any new or changed payment details require a phone call to verify using a number you look up independently, not one listed on the email or invoice. These small habits can save you from a devastating loss.

Watch: 7 Influencer scams you also need to know about

Inbox scams aren't the only ones you should be watching out for. Social media is full of financial scams disguised as opportunity—fake gurus, passive income lies, overpriced coaching programs that teach you nothing, and more.

I did a full breakdown on YouTube that's worth a watch: 7 Influencer Scams to Avoid: How to Spot Fake Gurus, Passive Income Lies & Online Business Scams.

Frequently asked questions on email scams

What should I do if I already clicked a suspicious link?

Don't panic, but act quickly. Close the page immediately and don't enter any information. Clear your browser's cache and cookies, then run an antivirus scan on your device. If you entered a password anywhere on that page, change it right away from a different, trusted device. Enable two-factor authentication on any accounts that may be affected, and report the incident to the FTC.

How do I know if an email is really from DocuSign?

Legitimate DocuSign emails always come from @docusign.com or @docusign.net, address you by your full name, and never include PDF attachments for signing. The safest approach is to skip the email entirely and log in directly at docusign.com to check if a document is actually waiting for you.

Can scammers really use a real friend's name on a fake Evite?

Yes—and this is one of the most alarming aspects of the Evite scam. Scammers can hack into someone's email account and use it to send fake invitations to that person's entire contact list.

If you receive an unexpected invitation from someone you know, especially for an emotional event like a memorial or celebration of life, reach out to that person directly through another channel (text or phone) before clicking anything.

What if I already paid a fake invoice?

Contact your bank or payment provider immediately. The faster you act, the better your chances of recovering the funds. Report it to the FTC at reportfraud.ftc.gov and to the FBI's Internet Crime Complaint Center at ic3.gov.

Also notify the real vendor whose identity was used in the scam, so they can alert other clients. Document everything: the email, the invoice, and any communication.

Are there tools that can help protect me from these scams?

Yes. A good antivirus program with phishing detection can flag malicious links before you click them. Most major email providers (Gmail, Outlook) also have built-in phishing filters.

For your business, consider using accounting software that requires dual approval for new payees or changed payment details. And enabling two-factor authentication everywhere is one of the single most effective protections you can put in place.

Related content on scams

If you've found this article useful, check out this other related content on scams to be aware of.

Final thoughts

These scams work because they look like the things we already trust. They arrive in familiar formats, from seemingly familiar sources, at moments when we;re busy and not expecting anything to be wrong.

Your best defense is a simple pause. Before you click, ask yourself: was I expecting this? Does something feel slightly off? If the answer to either is yes, take a breath and verify before you do anything else.

You've worked too hard for your money to let it go to a scammer. Stay sharp, stay informed, and share this with someone who needs it.