Business email compromise and invoice redirection fraud

Monday, November 2, 2020 / Security

Invoice redirection fraud is on the rise, with scammers impersonating businesses to send fraudulent emails to unsuspecting individuals and businesses.

What is invoice redirection fraud?

Invoice redirection scammers intercept legitimate invoices and change the details to include fraudulent payment information.

This is usually done by gaining remote access to an email account or using an email address that appears legitimate and almost identical to the trusted business email address. The scammer then sends what appears to be a legitimate email requesting money or sensitive information to an unsuspecting individual or business.

In the case of Invoice Redirection Fraud, the scammer will send an invoice which includes new, updated bank details so payments are redirected to the scammer. The recipient will pay the invoice as normal, and neither they nor the business owed the money may realise they have been scammed until the business contacts the recipient to ask why an account has not been paid.

Redirection emails are also sent when no money is owed, with the scammer simply relying on the recipient having poor accounts payable practices in place. The invoice will appear to be from a legitimate service provider and refer to a service of the type the recipient is likely to use.

If you are a business

It is important that your business takes the necessary steps to avoid being impersonated by a cybercriminal who may scam your customers, making it harder to get your invoices paid and risking the trust of your customers.

To avoid a scammer impersonating your business you should: 

  • secure your email, accounting and other systems with two factor authentication

  • consider options for firewall/virus protection arrangements to protect your business’s online environment

  • monitor your network, accounts and communication channels for any suspicious activity

  • regularly remind your customers about the invoice payment process

  • educate your staff and customers about the importance of being aware of hackers, scams and cybercriminal activity that could affect your business

  • set up a PayID using your ABN or a business email address and use these details on your invoicing

  • if your banking details do change, ensure your customers are made aware of the change through a robust communication effort.

Warning signs that your business may have been targeted

  • You are unable to log in to your computer or mobile device, or your email, social media and other online accounts.

  • You notice new icons on your computer screen, or your computer is not as fast as it normally is.

  • Files on your computer have been moved or deleted.

  • Pop-up boxes start appearing on your computer screen. These may offer to help 'fix' your computer, or simply have a button that says ‘close’.

  • You have an unexpectedly large phone data or internet bill.

  • You notice that amounts of money go missing from your bank account without any explanation.

  • You suspect that your mobile phone number has been ported without your consent, after you notice that your phone is showing 'SOS only' where the reception bars usually appear.

 Things to check if you’re paying a supplier

 To avoid being a victim of Invoice Redirection Fraud, it is recommended you check:

  • alterations on invoices including low quality graphics, poor spelling or mismatched fonts

  • whether the sender email address has changed or references an entity not related to the organisation providing the service

  • unusual amounts or descriptions of products and services

  • different bank account details or ‘how to pay’ information from previous invoices.
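
The sender-address and bank-detail checks in the list above can be run automatically before a payment is released. The following Python is an added example, not part of the original article; the supplier record, the `.example` domains, the account numbers and the 0.8 similarity threshold are all constructed assumptions.

```python
from difflib import SequenceMatcher

# Constructed supplier record: the details taken from previously paid invoices.
# All names, domains and account numbers here are made-up sample values.
VENDOR_MASTER = {
    "Acme Plumbing Pty Ltd": {
        "domain": "acmeplumbing.example",
        "bsb": "000-000",
        "account": "12345678",
    },
}

NEAR_MATCH = 0.8  # assumed threshold for "almost identical" domains


def sender_domain(address):
    """Return the lower-cased domain part of an email address."""
    return address.rsplit("@", 1)[-1].strip().lower()


def check_invoice(vendor, sender, bsb, account, master=VENDOR_MASTER):
    """Return the reasons to hold a payment; an empty list means no mismatch."""
    record = master.get(vendor)
    if record is None:
        return ["no record of this supplier to compare against"]
    flags = []
    domain = sender_domain(sender)
    if domain != record["domain"]:
        ratio = SequenceMatcher(None, domain, record["domain"]).ratio()
        if ratio >= NEAR_MATCH:
            flags.append("sender domain is almost identical to the supplier's")
        else:
            flags.append("sender domain is not related to the supplier")
    if (bsb, account) != (record["bsb"], record["account"]):
        flags.append("bank details differ from previous invoices")
    return flags


if __name__ == "__main__":
    # Constructed invoice: look-alike domain (digit 1 for letter l), new account.
    for reason in check_invoice("Acme Plumbing Pty Ltd",
                                "accounts@acmep1umbing.example",
                                "000-000", "87654321"):
        print("HOLD:", reason)
```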

If you think you have been the victim of a financial scam, please get in touch with us as soon as possible on 1300 368 555.

Online scams are constantly evolving, so check on Scamwatch and the Australian Cyber Security Centre website regularly for updates. You can also check out our blog post about keeping yourself safe online.

Please note this article provides general information only. When deciding how to protect the operations of your business please take into account what is in the best interests of your business and consider obtaining appropriate professional advice.
