Our last article covered how vendor invoice fraud scams combine social engineering and hacking in order to trick large companies into unwittingly paying scammers. If you are worried your company has or currently is falling for one of these scams, this article is for you. We’ve provided a short list of some easy red flags to look for in all your invoices, along with examples of past scams.
The real invoice above is one shared by Erin Pheil in her blog post. A quick scan through the invoice wouldn’t raise any immediate red flags. However, there are three major issues with the invoice.
Revealing Fine Print
Reading the fine print is likely the easiest way to avoid falling for the trap of invoice fraud. In a majority of invoice scams, the fraudsters will include statements blatantly admitting the invoice is not legitimate or that you have no obligation to respond or pay. As seen in the yellow pages invoice above, the fine print directly states “This is a solicitation for the order of goods or services, or both, and not a bill, invoice or statement of account due. You are under no obligation to make any payments on account of this offer unless you accept this offer”.
Statements like that are usually what allow scammers to continue their scheme. Nothing in the invoice is technically a lie so if a keen-eyed recipient calls in the fraud, they can escape repercussion. However, if you receive a suspicious invoice that doesn’t have as revealing fine print, there are a few other key red flags.
Incorrect Personal Information
In the Yellow Pages United invoice above, it looks as though the recipient had previously communicated with, and signed off on some basic information. However, her phone and fax information is incorrect. This serves two purposes. If you do not look through the document thoroughly enough to notice the information is incorrect, chances are you are also likely to be tricked into thinking you have a pre-existing deal with the vendor and owe them money. If you do notice the information is incorrect, but do not realize the invoice is part of a scam, you will likely call or email to get the information fixed. This gives them your correct information to fool you more effectively in the future.
The most egregious part of this particular invoice though is that they faked her signature. This serves the same purpose as filling out your incorrect contact information, but is much riskier. If you’re just scanning the document or they somehow accurately mimic your signature, they have a good chance of completing the scam. However, if like in this case their attempt is not close to your actual signature, it’s an immediate give-away something is wrong with the form.
Try and remember the last bill you had that lacked any cents in the amount owed. The example invoice above has an amount due of a perfect $296.00. While this is not always linked to a scam, if you receive multiple invoices from the same vendor with rounded amounts, you might be getting scammed. As easily fixed as this red flag seems, a high frequency of scam invoices follow this trend.
Pressure to Act Quickly
This second fraudulent invoice is provided by CFO Innovation and showcases another few key red flags, some of which were discussed in our last article that outlined the process behind vendor invoice scams. The main thing to take note of with this example is the urgency in the text. Both the subject of the email and the text within convey the need to respond and pay immediately. Rushing recipients and panicking them is an easy way to make them fall for a scam. If you receive an invoice that is pressuring you to take immediate action and you don’t remember the vendor or being late on a payment, the invoice may be fraudulent.
This particular example also demonstrates two other techniques used by scammers, discussed in our previous articles on the topic. They used a similar but fake company email address to appear as legitimate, and they requested a change of account information. Both of these are also common signs the invoice may be fraudulent.
If you have been the victim of an email compromise scam, call McCann Investigations at (800) 713-7670. We will provide a free consultation and outline the steps you and your response team need to take to gather and maintain the evidence you need to pursue litigation or an insurance claim. We can also explain the critical use of an licensed investigator to perform the forensic investigation and provide an objective opinion on the origination and scope of the compromise scam.