Spot a fake invoice.
Fake invoices are the easiest way to steal money from a small business. They work because they look boring — and nobody investigates boring.
Fake invoices are successful for the same reason they're boring: nobody looks closely. An invoice lands, someone pushes it through AP, the money moves. Multiply that by twenty businesses a day and you have a thriving global scam industry.
Why invoice fraud works so well
Most small businesses handle invoices on autopilot — especially for recurring services. An attacker exploits that. They send an invoice from a vendor-sounding name ("Xerox Business Services," "Konica Leasing Group"), sometimes with a real-looking number, sometimes for a plausible amount. If AP doesn't cross-check, the money goes out and the fake 'vendor' disappears.
Three common patterns
“An "invoice" from a copier leasing company that looks almost exactly like a real one you already use.”
Red flag: Lookalike company name, slightly different logo, brand new bank account. The real leasing company had been operating under a different name for years.
“An invoice from a real, known vendor — but the banking details have changed from ACH to wire, and the account is at a new bank.”
Red flag: The vendor's email had been compromised. The invoice was real. The routing was not.
“An unsolicited "renewal notice" for a domain, a directory listing, or a business registration.”
Red flag: These are almost always scams mailed to every small business. The logo looks official, the bill looks real, the service doesn't exist.
The controls that stop it
- Two-person approval for any new vendor payment or banking change.
- Verbal verification for vendor banking changes — on a known number, not the one in the email.
- A real purchase-order system so AP can match invoices to approved orders.
- An approved vendor list — anything outside it triggers a pause.
- Monthly vendor reconciliation — flags duplicate and ghost vendors quickly.
We'll audit your AP process.
An AP fraud review is a one-morning engagement. You'll walk away with a list of exactly where money is leaking.
- 1Require two-person approval on any new vendor or banking change this quarter.
- 2Require verbal callback for any change to an existing vendor's wire instructions.
- 3Set up an approved vendor list — new vendors trigger an extra review.
- 4Reconcile your AP ledger monthly and look for duplicates or unfamiliar names.
- 5Train AP staff to treat "urgent" invoices as suspicious by default.
Want help securing your business?
Schedule a quick security review with our team. 15 minutes, no sales pressure — walk away knowing exactly where your gaps are.
Schedule a quick security reviewKeep reading
Verify before you wire.
Wire fraud is the fastest-growing financial attack on small businesses. The fix is a 90-second phone call before the money moves.
ReadTip #8 · Social engineeringThe fake CEO email.
Gift cards, wire changes, W-2 forms, payroll routing — all the classic CEO-impersonation scams. One callback habit kills every variant.
Read