Overlay
What is Invoice Redirection?
Targeting you:
- Criminals pose as a creditor or supplier and tell you their company’s bank details have changed. The communication will ask you to make all future payments to a new fraudulent account.
Impersonating you:
- The fraudster may have gained access to compromised email accounts belonging to finance team employees.
- They use knowledge gained from compromised email accounts, such as billing frequency or customer interactions, to create identical looking invoices with similar language and logos, and send these to your customer. When the customer pays the invoice, the money goes straight to the fraudster’s bank account.
- There are several ways for attackers to get access to your mailbox, such as a password spray, an attack that attempts to access many accounts with a few commonly used passwords, or the use of malware and phishing, where attackers send an email with a link to a fake website that’s designed to steal credentials.
Be vigilant. Check and challenge
This video has been created to give you some advice and guidance to help reduce the risk of scam and fraud attempts by detailing ways that you can verify new payee details.
Take Five to stop fraud
Take Five is a national campaign that offers straight-forward and impartial advice to help everyone protect themselves from preventable financial fraud. This includes email deception and phone-based scams as well as online fraud – particularly where criminals impersonate trusted organisations.