
Protect Your Business from Invoice & Bank-Detail Scams

 

Scammers are increasingly targeting businesses by impersonating contacts and requesting “urgent” changes to payment instructions. A recent attempt against one of our clients highlights how convincing, and costly, these scams can be. Here’s what happened, how to spot the red flags, and steps you can take right now to protect your organisation. 

The Scam Scenario

1. Spoofed Sender
An email chain appeared to come from a trusted partner, asking to update bank details due to a “Xero upgrade.” 

2. Request to Change Payment Method
The message instructed recipients to stop paying via Xero and instead use a new BACS account, with the details supplied in an attached malicious document.

3. Spelling & Grammar Mistakes
Small errors hinted that this was not an official company communication. 

4. Non-Corporate Email Addresses
The fraudster used Hotmail and live.co.uk addresses, rather than the company’s genuine domain. 

Key Red Flags to Watch For

  • Unexpected Requests: Any sudden change in payment instructions, especially if you weren’t forewarned, should trigger caution. 
  • Unofficial Email Domains: Double-check that the sender’s address matches your contact’s genuine domain. 
  • Poor Spelling & Grammar: Scammers often rush emails out, leading to typos, awkward phrasing, or inconsistent formatting. 
  • Pressure & Urgency: Be wary of phrases like “urgent,” “immediate,” or “stop all other payments.” They’re designed to short-circuit your usual checks. 
  • Attachments & Links: Never open unexpected attachments or click on links. They can install malware or lead to phishing sites. 

Best Practices to Keep Your Payments Secure

1. Verify by Phone
Always confirm any request to change banking details by calling a contact number you already know. Don’t call the number provided in the suspicious email.

2. Use Multi-Factor Authentication (MFA)
Protect your accounting and email platforms with MFA to reduce the risk of account takeover. 

3. Maintain an Approved Vendor List
Keep up-to-date records of all suppliers’ official contact details and update your team whenever vendor information changes. 

4. Educate Your Team
Conduct regular training sessions on phishing, invoice fraud, and social-engineering tactics. 

5. Implement Dual-Control Processes
Require two-person approval for invoice payments and any changes to payment instructions. 
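
The red flags and the approved vendor list described above can be applied as an automated pre-check on inbound mail. The Python below is an added example, not part of the original post; the vendor name, domains, keyword patterns and sample message are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed approved vendor list: contact name -> genuine domain (constructed values).
APPROVED_VENDORS = {"acme supplies": "acme-supplies.example"}
FREEMAIL = {"hotmail.com", "hotmail.co.uk", "live.co.uk"}  # kinds of domain the post names
URGENCY = re.compile(r"urgent|immediate|stop all other payments", re.I)
PAYMENT_CHANGE = re.compile(r"bank details|payment instructions|new \w* ?account|\bBACS\b", re.I)
# Constructed sample message modelled on the scenario in this post.
SAMPLE = """\
From: Acme Supplies Accounts <acme.accounts@hotmail.com>
Subject: URGENT: new bank details
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

Due to a Xero upgrade, stop paying via Xero and use our new BACS account.
--b1
Content-Type: application/msword
Content-Disposition: attachment; filename="new_details.doc"

(constructed placeholder)
--b1--
"""

def red_flags(raw: str) -> list[str]:
    """Return the sorted red flags found in one raw email message."""
    msg = message_from_string(raw)
    display, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    parts = [p.get_payload(decode=True).decode(errors="replace") for p in msg.walk()
             if p.get_content_type() == "text/plain" and not p.get_filename()]
    body = "\n".join([msg.get("Subject", "")] + parts)
    checks = {
        "freemail_sender": domain in FREEMAIL,
        "urgency": bool(URGENCY.search(body)),
        "payment_change": bool(PAYMENT_CHANGE.search(body)),
        # Display name claims a listed vendor but the address is on another domain.
        "domain_mismatch": any(n in display.lower() and domain != d
                               for n, d in APPROVED_VENDORS.items()),
        "attachment": any(p.get_filename() for p in msg.walk()),
    }
    return sorted(k for k, v in checks.items() if v)

def needs_phone_verification(raw: str) -> bool:
    # Any payment-detail change is held for call-back, whatever else matched.
    return "payment_change" in red_flags(raw)
```

Because a From header can be forged and a genuine mailbox can be taken over, a matching domain is not treated as proof here: any message that mentions a payment-detail change is still routed to phone verification.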

Stay Vigilant

Invoice and payment-detail scams are on the rise and they’re growing more sophisticated. By keeping awareness high, enforcing strong internal controls, and verifying every change in payment instructions, you’ll significantly reduce your risk. If you have any doubts about an email or request, always err on the side of caution and confirm directly with your vendor or client. 


Author: Plus Accounting

Any views or opinions represented in this blog are personal, belong solely to the blog owner, and do not represent those of Plus Accounting. All content provided on this blog is for informational purposes only. The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site.

Date Published: 22 May 2025
