Attachment: PDF with fake invoice using suspicious font sizing

Sublime Rules

Summary
Detects inbound PDF attachments used in fraudulent invoicing schemes by checking for a match on the YARA rule named pdf_fake_invoice_image_font_sizes. The rule requires a PDF attachment and triggers when the file is scanned and a YARA match with that rule name is found, indicating the suspicious font sizing patterns or abnormal image sizes typical of fake invoices.
Categories
  • Endpoint
  • Application
Data Sources
  • File
Created: 2026-06-10