
Geek Guru Blog

Staying Cyber Secure – Invoice Fraud & Scams


The best way to stay secure, especially online, is to question everything – when it concerns fraud, that usually means to look upon all interactions with a critical or wary eye, and to err on the safe side if you feel something is suspicious.


At the end of the day, most businesses and organisations would much rather have someone call to double-check some details than be subject to fraud.

With many different systems in place and workplaces undergoing frequent, rapid changes, the pandemic and its aftermath have been a playground for scammers and fraudsters. Not only are people sometimes working from less secure places or devices, they are also perhaps not questioning changes as often as they should.



Scams and fraud are always something to watch out for, but one type of attack is particularly prevalent at the moment: invoice fraud. These scammers and fraudsters are essentially exploiting people’s willingness to accept unexpected changes more easily than they normally would, because of the current rate of change happening all around us.


There are several main ways in which this scam occurs; we’ve detailed the scenarios here so you may better understand the risks:

Scenario One:

The scammers have access to the invoice recipient’s (payer’s) systems or email inbox, normally obtained via a phishing scam, hack or similar. They edit the invoice document(s) directly in the recipient’s inbox to contain their own bank account information rather than the genuine payee’s information. The payer then pays the invoice using those details.

Scenario Two:

The scammers have access to the invoicer’s (payee’s) systems or email inbox, also normally obtained via a hack or phishing attack. They change the details on outgoing invoices before they are sent (or intercept them during sending). The invoice arrives as normal in the recipient’s inbox and is paid as normal, using the new details.

Scenario Three:

The invoice is faked in its entirety and the email is spoofed (made to look like it’s from a genuine address). Spoofing an email address is incredibly easy to do in many cases. This method is easier to catch than the first two, because fraudsters faking invoices often will not have access to the company’s official template or correct graphics (although in some cases they do have access to these things). The recipient often pays the invoice even if it’s unexpected, as it appears to be from a genuine source.

Scenario Four:

The fraudsters contact the recipient, pretending to be the invoicer, and tell them of a proposed change to banking details. This is the easiest method to catch, because it relies on spoofed email and a direct change in details which people are often more wary of.


In all cases, neither party is aware of any fraudulent activity until the payee contacts the payer to query non-receipt of payment, or the payer contacts the payee to confirm receipt of payment for the unexpected invoice. Because this can often take weeks, the scammers and fraudsters have a chance to launder and make off with the money whilst the organisations involved are unaware.


What can I do?

Be suspicious of any changes! An unexpected invoice or a follow-up to an invoice with different payment details should ALWAYS ring alarm bells. Since, in larger organisations, payments to one company may not always be processed by the same person, it’s wise to check that the details on the invoice match those from previous invoices. If they don’t, it is advisable to query the details via a secure method, such as a direct phone call.

In the UK banking system, a system called CoP (Confirmation of Payee) was introduced in 2019 to help combat fraud. Some banks will check and tell you if the name you have entered does not match the name on the account receiving the funds. Be aware that similar-sounding or misspelled names are also a method that some fraudsters use – and that not all UK banks are yet enforcing a match between the name entered and the name on the account being paid. Contact your bank to find out more about CoP.
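The two checks above (matching an invoice's bank details against previous invoices, and watching for misspelled payee names) can be run automatically before a payment is approved. The sketch below is an added example, not Geek Guru's own tooling; the record layout, the field names and the 0.8 similarity threshold are assumptions chosen for illustration.

```python
import difflib
import re

# Constructed vendor record: details taken from previously paid, verified invoices.
KNOWN_PAYEES = {
    "ACME-001": {"name": "Acme Supplies Ltd", "sort_code": "10-20-30", "account": "12345678"},
}

# Constructed sample invoices (hypothetical field names).
SAMPLE_INVOICES = [
    {"vendor_id": "ACME-001", "name": "ACME Supplies Ltd.", "sort_code": "102030", "account": "1234 5678"},
    {"vendor_id": "ACME-001", "name": "Acme Supplies Ltd", "sort_code": "40-50-60", "account": "87654321"},
    {"vendor_id": "ACME-001", "name": "Acme Suplies Ltd", "sort_code": "40-50-60", "account": "87654321"},
    {"vendor_id": "NEW-999", "name": "Unknown Trading", "sort_code": "11-11-11", "account": "00000000"},
]

def _digits(value):
    """Strip spaces and dashes so '10-20-30' and '102030' compare equal."""
    return re.sub(r"\D", "", value)

def _norm_name(name):
    """Lower-case and collapse punctuation so formatting alone never raises a flag."""
    return re.sub(r"[^a-z0-9]+", " ", name.lower()).strip()

def check_invoice(invoice, known=KNOWN_PAYEES, near_miss=0.8):
    """Return the reasons this invoice needs a call-back before it is paid."""
    record = known.get(invoice["vendor_id"])
    if record is None:
        return ["unknown vendor: no previous verified invoice to compare against"]
    flags = []
    new_bank = (_digits(invoice["sort_code"]), _digits(invoice["account"]))
    old_bank = (_digits(record["sort_code"]), _digits(record["account"]))
    if new_bank != old_bank:
        flags.append("bank details differ from previous invoices")
    got, want = _norm_name(invoice["name"]), _norm_name(record["name"])
    if got != want:
        # A high similarity that is not an exact match suggests a lookalike name.
        ratio = difflib.SequenceMatcher(None, got, want).ratio()
        kind = "a near-miss of" if ratio >= near_miss else "different from"
        flags.append(f"payee name is {kind} the known name")
    return flags

if __name__ == "__main__":
    for inv in SAMPLE_INVOICES:
        print(inv["vendor_id"], inv["name"], "->", check_invoice(inv) or "matches record")
```

Any flag is a prompt to verify by phone using a number from a previous communication; an empty result only means the invoice matches what was paid before.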

If you’re concerned that an invoice or other request for change of payment details could be fraudulent, the best option is to have someone in your organisation check directly with the sender or a verified point of contact (using a contact name and number from a previous communication, as fraudsters have also been known to make and use fake phone numbers or even fake addresses).

If you’re concerned that a payment you have recently made is fraudulent, contact your bank’s fraud department as soon as possible.

If you suspect that scammers may be using your business name to scam or defraud others, or you have anything to report (for example, if you were targeted and the scam was unsuccessful) you can contact ActionFraud, the UK police’s national cybercrime and fraud centre, on 0300 123 2040.


Need help or advice to keep your team safe and secure, or have questions about IT security? We can help! Give us a call on 0121 312 1500 or email us at info@geek-guru.co.uk