Email invoice fraud is alive, well and profitable. But you don’t have to be a victim.

Ben Rothke
5 min read · Jan 21, 2022

Invoice fraud is an old scam in which a scammer sends fake invoices claiming to be from a genuine supplier. The invoice often says that payment information has changed and that you need to use the new method. In many cases, the scammers may know of existing vendor relationships. The fraud is only discovered when the legitimate supplier follows up on non-payment.

If payment is made to these scammers, it is almost impossible to get the funds back. That is why finance teams need to have formal processes for making payments to suppliers, especially when payment details are changed.

The Internet, combined with cheap bandwidth and messaging, has made fraud in general, and invoice fraud specifically, much more scalable for scammers. Suppose a scammer wanted to send 2 million paper invoices to businesses across the USA. The postage alone would be more than $1 million. But sending 2 million emails can be done for under $100.

I am regularly receiving scam invoices in my email inbox. A recent popular invoice scam is around autorenewals for Norton anti-virus. As you can see from my Gmail spam folder, I have gotten 10 of these in recent days.

Written by Ben Rothke

I work in information security at Tapad, write book reviews for the RSA blog, and am a founding member of the Cloud Security Alliance and Cybersecurity Canon.
