Scam Checker
Back to all scam alerts and blog posts

£2.5m Lost to New Invoice Scam

Published

  • phishing
  • scam-alert
  • invoice scam

Disclaimer: This post is for informational purposes only and does not constitute legal or financial advice. If you believe you have been targeted, contact your bank and local authorities immediately.

£2.5m - that's what UK businesses have lost to a new invoice scam in just 6 weeks. It's a staggering amount, and it's not just the money that's the problem - it's the fact that these scams are getting more sophisticated by the day.

How This Scam Works

The scam starts with an email that looks like it's from a legitimate supplier, complete with a fake invoice and a request for payment. But what's really going on is that the scammers have hacked into the supplier's email account and are using it to send out fake invoices to their customers. So, what can you do to avoid falling victim to this scam? Can you spot a fake invoice from a mile off, or are you going to get caught out like so many others?

Who Is Being Targeted

It's not just any old business that's being targeted - it's small to medium-sized enterprises, the ones that are already struggling to make ends meet. They're the ones who can't afford to lose £2.5m, but they're also the ones who are most likely to get caught out by this scam. What's going on in these scammers' minds - do they really think they can get away with this?

Red Flags to Watch For

So, how can you spot a fake invoice? Here are a few red flags to watch out for: 🚩 Spelling mistakes and poor grammar 🚩 Suspicious sender info - does the email address look legit? 🚩 A sense of urgency - are they trying to rush you into paying? 🚩 A request for payment to a different bank account 🚩 A lack of detail - is the invoice vague about what you're actually paying for?

What to Do If You've Been Hit

If you've already fallen victim to this scam, don't panic. Here's what you need to do:

  1. Contact your bank immediately and report the suspicious transaction
  2. Inform the supplier - they need to know that their email account has been hacked
  3. Report the incident to Action Fraud
  4. Make sure you've got the right security measures in place to prevent it from happening again
  5. Consider getting a cybersecurity expert in to review your systems

Where to Report

If you're in 🇦🇺 Australia, report the scam to Scamwatch. If you're in 🇺🇸 USA, report it to FTC ReportFraud. If you're in 🇬🇧 UK, report it to Action Fraud. And if you're anywhere else, check out the Global Scam Reporting Directory. Don't let these scammers get away with it - report them and help put a stop to this scam. Check your emails and invoices carefully with our free scam checker

External sources and references