Fake Invoice Warning Issued to SMEs


28 Aug 2015

Fake Invoice Warning Issued to SMEs

SMEs have been warned to be on the lookout for fake invoices after more than 700 businesses reported that they had fallen victim to the scam in the first half of this year. The summer months in particular are proving to be exceptionally profitable for the scammers.

The worrying increase is thought to be down to scammers taking advantage of the fact that many businesses most experienced staff are away for their summer breaks and leaving less experienced colleagues to deal with invoices. As a result, these staff members are more likely to miss an attempted scam.

The scam sees cyber criminals posing as a supplier to the targeted business. If the initial scam is not noticed then the fraudsters will attempt to get hold of sensitive information; with account details for invoices being the most sought after prize. An unfortunate staff member may be tricked into doing so, only for it to be revealed later that the business has been sending money to the scammer rather than the real supplier.

SMEs need to train their staff to be able to spot fraudulent and fake invoice requests. Internal security is just as important as external. As well as that, they also need to be aware of disgruntled staff inside the business. An unhappy employee could be assisting the scammers by feeding them information.

Businesses of any size are at risk from this type of scam, but SMEs are more vulnerable to the consequences. Hackers and cyber criminals are increasingly focusing their attacks on SMEs as larger organisations are often seen as tougher targets.

The impact of such a scam on an SME should not be underestimated. A small business is likely to find it hard to recover from such a security breach.

How to Defend Against Fake Invoice Scams

By educating all members of staff that this type of fraud exists is vital. Scammers rely on people’s ignorance to get a way in. During holiday periods ensure that all temporary staff are also briefed and told to keep an eye out for any suspicious invoice requests.

Always check that an invoice request is from a genuine supplier before paying and always use established contact channels when dealing with them. If the supplier is using a personal email address do not respond.

Check invoices for any obvious spelling mistakes. If a supplier’s name is misspelt then the invoice could be from a scammer. Also, when making large payments make sure that you contact the supplier beforehand to make sure you have the correct bank account details.

As well as these measures, the business needs to take internal and cyber security seriously. Ensure that your devices have the latest patches and anti-malware software installed and ensure that no sensitive documents are left lying around unattended.

Don’t become a target or victim of cybercrime. Seek the advice of the professionals such as those at PGI Cyber.

Share this article

Contact us

Call us now to discuss your requirements with one of our consultants.

Contact us today

Related News

CISMP, CISSP and CISM - what's in an acronym?

20 Mar 2017

There is a wide range of different security courses available, and a mind-boggling array of...

Watch Video

International Womens Day - Pioneering Women in Tec...

08 Mar 2017

Pioneering Women in Technology – Katherine JohnsonThe Oscar season has been and...

Watch Video

Law Firms and why they need cyber security

06 Mar 2017

Suffering a data breach can be devastating for any company but for law firms the impacts can be...

Watch Video
Back to the News Hub

Follow us

+44 (0)207 887 2699
©2017 PGI - Protection Group International Ltd. All rights reserved.
PGI - Protection Group International Ltd is registered in England & Wales, reg. no. 07967865
Registered address: Cascades 1, 1190 Park Avenue, Aztec W, Almondsbury, Bristol BS32 4FP