One of the clever ways that cyber criminals can get you is by sending you an invoice that looks exactly like an invoice one of your suppliers would send you – but with their bank account on it. It is very easy to accept the invoice and pay it.
This is called push-payment or invoice fraud and costs millions of dollars to businesses and individuals every year.
If you receive an invoice with a different bank account listed on it for payment it can be easy to make it without question, but it can also be very dangerous.
If you ever receive an email from a business or person you pay money to informing you of a change in bank account details, or an invoice with a different bank account number on it to what’s in your file, please phone them and confirm directly with them before sending money to the new account number. Picking up the phone is the safest contact.
If you fail to do this check and the email is fraudulent you will most likely not be able to get your money back at all. Cyber fraudsters are usually off-shore so you will be unable to recover your money.
If you use data capture software such as Fetch, you can be alerted to a bank account number on the invoice that doesn’t match what’s in your financial software.
This alerts you to contact the supplier for confirmation of the change before changing the record in your system and making payment to it.
It also allows you to notify your supplier if you have received something that was not sent by them so that they can alert their other customers and warn them as well as taking other action to safeguard the businesses they work with.
See our other posts about staying safe from cyber attacks.
If you are worried about an email that you have received, contact your IT provider.