Technology
Invoice Fraud and How Supply Cloud Prevents It
Invoice fraud is on the rise, and if you still receive your invoices by email, you are at risk.
May 14, 2024
Invoice fraud is on the rise, and if you still receive your invoices by email, you are at risk.
A 2022 study found that Accounts Payable departments are more susceptible to business email compromise (BEC) schemes than any other department, with 58% of businesses falling victim. This includes fraudsters impersonating vendors, using vendors’ actual but hacked email addresses directing payments based on real invoices to fraudsters’ accounts, to embedding malware in what appears to be attached invoices.
In 2020 alone, BEC attacks that used invoice or payment fraud rose by 155%.
This type of fraud starts with an innocuous email that appears to be from one of your vendors. This email announces that the vendor has changed banks and needs to update their banking details.
The truth is this email is not from your vendor, and the bank details are for an overseas account. Afterwards, as legitimate invoices arrive from that vendor and you make regular payments in good faith, the payment is directed to the fraudster’s account. You likely will not realize anything is wrong until you get an invoice reminder or a phone call from your actual vendor chasing a late payment after the usual 30- or 90-day payment period.
Supply Cloud’s OnePay platform eliminates the possibility of invoice redirect fraud. With OnePay, vendors control their own banking details, so they never need to send updates to their customers. A vendor updates their banking information once in the secure portal, re-directing all future payments from all of their customers. Banking details never have to be entered into their customers’ payable systems, eliminating the possibility of invoice redirect fraud.
This type of fraud occurs when fraudsters send fake invoices to your business. These malicious actors spoof email accounts to look like genuine messages from authentic vendors. These emails and their attached fake invoices can be quite deceiving. Email footer information and email signatures are easy to obtain online and recreate. So are invoice templates.
More sophisticated fraudsters will use malware to hack into the payments or email systems of your business, allowing them to intercept and hijack ongoing email threads with your vendors. Clicking on what you think is an attached invoice allows the fraudster to gain access to your system and steal valuable information, including ACH details. Worse, clicking on attached invoices can lead to ransomware attacks, costing your business tens of thousands of dollars.
A 2022 Association for Finance Professionals survey found that 58% of survey respondents had received attempted email scams.
Supply Cloud removes the guesswork and security risks around receiving invoices by email.
All of your invoices are delivered to a secure web portal. Submitting false invoices by email is relatively easy. Submitting false invoices via the secure Supply Cloud portal is not.
Internal fraud occurs when Accounts Payable employees embezzle, misdirect funds, or make unauthorized purchases. Researchers estimate that two thirds of AP fraud is committed internally. This includes fabricated invoices, duplicate invoices, overbilling, or payments to inactive vendors that get directed to accounts they control.
Supply Cloud makes this type of fraud hard to get away with by increasing visibility into the payment process, maintaining rich logs, and by checking invoices and payments with artificial intelligence (AI).
Supply Cloud checks for both duplicate invoices and payments, providing a double layer of protection. Invoices whose addresses do not match the vendor address on file are identified. Key details such as tax ID numbers and missing purchase order numbers are checked. Supply Cloud can also alert you if invoices are received from inactive or duplicate vendors. These security alerts can be configured to alert multiple people within your Payables and management team.
Supply Cloud provides an unprecedented layer of safety around your invoice and payables process. Guesswork and risk are removed as invoices are no longer received by email. Rich analytics, payment logs, and robust AI-powered alerts eliminate both external and internal fraud. Supply Cloud significantly reduces the risk of invoice fraud and security breaches, allowing you to sleep better at night knowing your business is safe.
Supply Cloud (a division of LBMX) drives the commercial relationship between suppliers and their customers. Leveraging a unique one-to-many network, Supply Cloud is the leading B2B platform that allows suppliers to view their many independent customers through a single lens. Powered by LBMX technology solutions, Supply Cloud has revolutionized the trading relationship for EDI, product data exchange, payments, and rebate management.
