We have had a lot of reports about fake invoices apparently sent from other members or departments in the University. A new trick being deployed is to add an extra address in the from: field after the name but before the actual address in the from: field.
This tries to trick people into downloading and running a javascript (JS) program.
