Skip to main content

Sent a payment that wasn’t received? It could be invoice fraud

Security

Millions of pounds are lost each year to invoice fraud; find out how you can keep your business, your customers and your clients safe.

What is invoice fraud?

Invoice fraud is an email scam where the payee’s bank details are edited by criminals, so that victims mistakenly send money to fraudsters. It can be devastating for businesses and individuals alike, with millions of pounds being lost every year. Victims are left hundreds or even thousands of pounds out of pocket, and are often unable to recover their money. 

The scam starts with the perpetrators gaining access to an email account, either by hacking, stealing the account details or acquiring them through a phishing link. The criminal then waits and monitors emails that are being received and sent from the account, looking for a suitable email exchange where the email account holder is requesting a payment from a business or individual. This business or individual becomes the target, and then the victim, of the scam.

When a suitable email exchange has been found, the perpetrators email the victim themselves. They might do this by contacting the victim directly from the email account that they have access to, or by using a very similar email address. The criminal sends across their own bank details, and the victim sends the payment to the fraudulent account. Victims can be unaware that they’ve been scammed until the real email account holder contacts them again, following up on the missing payment. 

Although individuals can be targets of this kind of invoice fraud, the more common victims are companies that regularly receive one-off payments. These organisations are particularly vulnerable to this kind of scam, as they routinely request payments from individuals and other businesses and have a great number of contacts. Once a criminal has access to a business’ email address, this scam can be repeated multiple times. 

How can businesses protect themselves?

Scams like these can reduce a victim's trust in your business, and prevent them from continuing to work with you. It can also greatly impact a business’ income if a payment doesn’t arrive when you’re expecting it. If you want to make sure that your customers’ and clients’ money never ends up in a criminal's account, follow these top tips.

  • Don’t send bank details over email

    One of the easiest ways to prevent this kind of scam is to give your bank details to clients and customers over the phone, rather than over email. This ensures that they have the correct information and the information cannot be intercepted or changed during transit.

  • Tell customers about test payments

    For large one-off payments, or for customers that are working with you for the first time, encourage them to send a test payment to verify that they’re sending money to the correct bank account. By asking clients and customers to send a penny across first and confirming when it has been received, you drastically reduce the risk of invoice fraud.

  • Keep your business secure

    Ensuring that your business has sufficient cyber security is one of the best ways to prevent invoice fraud and similar scams. This includes running an up-to-date operating system, sufficient anti-virus and having a backup and disaster recovery plan all help to keep your business safe and prepared.

  • Educate your staff on scams

    Scams like these are possible by exploiting your business’ biggest security flaw - your employees. Educating your staff on these kinds of scams ensures that your organisation and staff don’t fall for phishing links and fraudulent messages, which can leave your business and your customers out of pocket.

    U-Secure is an application which tests your employee’s knowledge by emailing them cyber security courses, and then emailing you their test results. Transcendit can talk you through the software, and help you identify whether it would be beneficial for your business.

Give us a call on 0191 482 0444 to talk to us about how to improve your business’ cyber security

Categories

Latest posts

0191 482 0444

Enquiries

We value your privacy
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Click here to read the latest comments from our customers

The Transcendit Way

Transcendit understand that when you choose to work with us, whether we're taking care of your IT, app or web development, you're trusting us with part of your business. So whether we're looking after your computers, phone systems or servers we always do things 'the Transcendit way'.

The whole of our team adhere to the same values, beliefs and policies - the principles that were written when Transcendit first formed in 2000. Whether you come to us for cloud services or recovery backup you can be confident that you'll always receive the same excellent service.

The Transcendit way outlines how we do business; following the same straightforward principles with every client and customer, regardless of how big or small they may be.

That means we get to know you and your business. We offer you a friendly, professional and efficient service, and we'll always be honest with you.
We understand that not everybody speaks fluent IT, so we try to explain things in a way that is simple and clear. We always spend as much time as is necessary explaining things to you.
If you need to talk to us about something, no matter how insignificant, we are only ever a phone call away – and we’re never too busy to make you a cup of tea and have a sit down with you in person.
We understand how frustrating it can be when things are late. When we schedule an appointment with you, we are there when you’re expecting us. If something prevents us from getting there, we always call you in advance to let you know.
Sometimes things can go wrong, but we never lie to you or try to cover something up. If things go askew we tell you what’s happened and how we plan to prevent it affecting your business.
We want you to continuously benefit from working with us. We regularly discuss your business and make suggestions for improving systems and processes wherever we can – but we never try to push you into a purchase.
When we quote a fixed price, that's always the amount we charge – you won’t find any nasty surprises on a bill from us. If you are paying by time and materials, we inform you if our approximations could change.
We understand the importance of privacy for your business and your customers. We respect the confidentiality of your data, and we will never pass on your information to third parties.
We appreciate it when you take the time to give us feedback. A system called CustomerSure records our client's responses, so you can trust that our reviews are from real people.
Find out what they're saying here.
Paul is always more than helpful...we'd be lost without him! Angela Fenwick, Streetwise

Based on 12075 reviews our customers rate us 9.8/10. Reviews and ratings by Customersure. 09-October-2024

Transcendit are proud sponsors of CHUF, the Children's Heart Unit Fund.

Transcendit is a Living Wage employer
Transcendit is a Microsoft Gold certified partner
VMWARE partner
Vipre partner
IPCortex partner
WithSecure partner
DELL partner
Barracuda partner
Veeam partner
N-Able partner

Copyright © 2024 Transcendit Ltd, a limited company registered in England and Wales No. 4041370. VAT No. 747 2063 34.
Cookies | Terms and Conditions | Data Protection and Privacy policy | Newsletter | Partners | Careers | Sitemap | Facebook | Twitter
IT support Newcastle | IT support Gateshead | IT support Durham | IT support Sunderland | IT support North East

Cyber essentials certified