What is happening?

Fraudsters are using phishing emails to steal usernames and passwords, allowing them to hack your personal or business email accounts.

They then troll and monitor your email account for an opportunity to intercept an invoice. For example, when you are purchasing goods and awaiting an invoice on email, or if your business is sending an invoice by email.

The scammers intercept an email, change the bank details on the invoice and send it on for payment. In many cases, they use spoofing to make the email address seem credible and trustworthy. Spoofing changes a letter or domain in the email address to make it appear legitimate.

The recipient pays the invoice thinking it comes from a legitimate source, when in fact the money is paid into the scammer’s account.

  • What is phishing?

    Simply, an e-mail from a fraudster who is impersonating a bank, claiming your security has been compromised or a retail company you may have purchased from in the past, in the hope you will not notice it is a ‘spoof’ e-mail and click on the hyperlink contained in the email. The link may download Malware or take the victim to a website which is a mock-up of the bank or retail company, in the hope the victim will try and log on, disclosing their Username and Password. 

  • What is invoice fraud?

    Invoice fraud scams can result in losses that run into hundreds of thousands. It happens when a fraudster tricks a business\person into changing the bank account details of a known and regular supplier i.e. Utility or Telecom company, to that of the fraudster.


How to protect yourself

Here are some tips to help you prevent this fraud:

  • If you are running a business, you can pre-empt this type of attack. Let current and new clients know that your banking details will never change. If they receive any correspondence announcing a change in bank details, advise clients to contact you and verify your banking details before they pay.
  • You can also consider leaving your bank details off your invoices and calling clients to give them this information instead.
  • If you are an individual who is supplying banking details, do not email invoices with bank details. Instead,  give your banking information directly over the telephone.
Stay alert from email hacking and phishing

In our increasingly digital age, cybercrime is on the rise. However, not all fraud relies on sophisticated technology. Sometimes a common, simple deception can separate you from your money.  For Fraud information from the authorities, click the links below to find out more.