back to article SMEs in the firing line as fake invoice scams skyrocket

UK small businesses need to be on heightened alert for fake invoices, following an alarming increase in this type of scam in the first six months of 2015. Action Fraud has received reports from 749 businesses reporting falling victim to this sort of con between January and June 2015 alone. This compares with 603 victims in the …

  1. bikerdev

    Invoices, thousands of em

    We have been getting a steady stream of them for months, usually to spurious email accounts that don't exist so end up in webmaster for me to delete.

    They are usually glaringly obvious as spam ( though not to our spam filters it would seem :( ) and merely lead to premature wear on my delete key.

    I can see why some minion operating on auto-pilot may be daft enough to pay one, though even they should really know better.

    From all our experience it takes a hell of a lot more than an invoice email to get customers to pay!

    Damn spammers, grrr

    1. jonathanb Silver badge

      Re: Invoices, thousands of em

      Those ones are viruses, which is a different thing altogether.

      In this scam, they contact the company pretending to be a supplier, and they will make sure it is a real actual supplier to the company, and tell them that their bank details have changed, so that when they do pay the real invoices, they pay them to the wrong bank account.

      1. Ken Moorhouse Silver badge

        Re: Invoices, thousands of em

        In this scam, they contact the company pretending to be a supplier, and they will make sure it is a real actual supplier to the company, and tell them that their bank details have changed, so that when they do pay the real invoices, they pay them to the wrong bank account.

        A company I know had this done to them as a supplier (they were chasing payment from a customer who had paid the money into a different account). The question I asked at the time was that surely the bank that received the funds should check that the name of the account matched when the money was paid in? If it did match then the scammers must somehow have given the relevant documentation to satisfy the bank as to their identity when opening the account - the bank being, I believe, compelled by money laundering regulations to do so. The answer given was along the lines of the bank the scammers used was in a location where such stringent proof was not needed to open an account.

    2. Adrian Tawse

      Re: Invoices, thousands of em

      Maybe there is a business opportunity here. The client, instead of giving account details, supplies those in an encrypted form. The payment is made to a third party who has the secret decryption key, and passes the payment to the real customer. I am sure this could be done for a very marginal charge which most businesses would be happy to pay in exchange for eliminating this form of fraud. Come on, someone work out the fine details.

      1. Ken Moorhouse Silver badge

        Re: Maybe there is a business opportunity here.

        Not sure what you mean. Most companies check out potential customers before accepting their custom, but what is frequently not taken on board are the due diligence checks needed to be performed on your suppliers. A simple example (emphasise the word simple there) is where a supplier gives you a VAT number. How are you expected to know whether that supplier is bona fide or not, particularly if they are a sole trader (such as myself). It is well-known that VAT numbers have a rudimentary "checksum" built into them to check validity, but a rogue supplier could still fake a VAT number. "Not my problem" one would think, but when HMRC do a VAT inspection on your books they are looking for things like this, and you risk not only having your input VAT for that supplier disallowed, but have to pay interest and a penalty for sums retrospectively owed to HMRC! Obfuscation is not IMHO the answer, but checking out your suppliers should be taken as seriously as it is done on your customers.

  2. Anonymous Coward
    Anonymous Coward

    Nothing new

    remember that there was a big instance of this in the 70s, apparently the idea was to send an invoice for a small amount then badger accounts dept until someone signed it off just to avoid dealing with it, at which point send in regular similar value invoices which would then tend to be paid automatically.

    Then there was my favourite ''we have listed you in our business directory please pay invoice' one, has lead to plenty of amusing phone calls

  3. Ken Moorhouse Silver badge

    Domain names

    The common ones I get to see as an independent IT consultant are "invoices" from Domain Name companies saying that my client's domain is due to expire, renew now. These invoices are generally for a small sum of money, but "renewing" with such a company will cause emails and websites to cease functioning, so I am pleased to set the record right when asked.

    Looking closely, the invoice is not an invoice, it is a "request for payment", so technically not a scam, but still, very misleading, which is the intention (IMHO). The company I most commonly see practicing this sales technique has an address which is nothing more than a box with a key in a branch of Mail Boxes Etc. (not that that fact is evident on the form they send out).

    1. VinceH

      Re: Domain names

      I'm happy to say I haven't seen one of those in a very long time.

      However, there is a similar type that I do get - unofficial trademark registry non-invoices (i.e. like the domain ones, really a "request for payment" carefully crafted to look like an invoice so the less careful recipients might pay up). Slightly more pricey than the old domain ones.

  4. Strahd Ivarius Silver badge

    Got today an invoice from a UK "firm" (www.europe-register.com) asking my wife's company to pay EUR 426.00 for something that was done for free and automatically when her company was registered...

    How many people fail for that kind of scam each day?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like