Q&A: How to spot the invoice scam and what to do if your firm is targeted

If your supplier emails to say they have changed their bank details, call to confirm

Businesses have been warned to not trust emails claiming that a supplier’s banking details have changed.

Businesses have been warned to not trust emails claiming that a supplier’s banking details have changed.


On Monday gardaí warned that two Irish-based companies have been defrauded of a combined €650,000 following internet email scams.

Chief Supt Pat Lordan of the Garda National Economic Crime Bureau explains what firms should watch out for and what they should do if they believe themselves to have been targeted by such a fraud.

How do you know if your firm might be the victim of an invoice scam?

The main red flag is when a company claims it is changing its bank details.

How can firms spot a fake invoice

All of the invoices are genuine in that the customer owes the money. There are no fake invoices. You do owe the money to somebody, but the criminals convince you to send the money to the wrong bank account.

How does the scam work?

The most recent one we had is a substantial business operating throughout Ireland and with business throughout the world. We are satisfied that the criminals were monitoring the emails of this business and they waited until they saw a very substantial invoice coming due for payment. They then put in a request to change the bank details of the supplier. Say the supplier is Joe Bloggs Ltd.

They make a small change to the email address, for instance substituting ‘.com’ for ‘.net’, and you assume that it is a proper email from your supplier. In a lot of cases companies doublecheck that these emails are legitimate by responding to them via email.

However, the criminals are intercepting those emails. They never get to the supplier and the criminal answers the email, on behalf of the supplier.

That gives confidence to the customer. They pay the money and only find out a few weeks later that the money has gone. This has happened to two businesses in the last month that I know of.

What is your advice to businesses targeted in this way?

Pick up the phone and talk to your supplier and double-check they have changed their bank account details.

What should a business do if it believes it is being targeted?

Contact your local garda station and your local bank.

If is a very recent case, make sure that the bank and the gardai are chasing up the recovery of the money.

You will only recover the money if you find out about it very quickly. The minute that you find out, you need to contact your bank straight away.

If that’s days later, the chances are drastically reduced. We would say the first 24 to 48 hour period is critical. You have some hope then.

In one of these cases it was six days later, but we managed to recover the money. However, in the other case, the majority of money was lost.

How widespread is this fraud?

This is a worldwide problem affecting businesses. It is affecting private individuals. It has affected people buying houses and their final deposit on a house. We have seen people losing large amounts of money.