Skip to content

Alert Banner Text Goes Here Alert Banner Text Goes Here Alert Banner Text Goes Here Alert Banner Text Goes Here

Get in Touch

In the complex world of business finance, vendor fraud stands out as a significant and growing threat. Fraudsters employ various sophisticated methods such as account takeover (ATO), authorized push payment (APP) fraud, and business email compromise (BEC) to exploit vulnerabilities within an organization. Constant vigilance is required to combat this crime. 

Vendor fraud specifically targets employees in the Accounts Payable (AP) department, making it crucial for businesses to be vigilant and proactive in their prevention efforts. 

 

Here are four common vectors used by fraudsters to deceive AP employees: 

 

  1. Grooming AP Employees. Fraudsters are known for their patience and persistence. They may begin by sending harmless emails to an AP employee, posing as a legitimate vendor. Over days or even weeks, they build a rapport and establish trust. Eventually, they slip in a fraudulent request or submit a false invoice. AP employees should be alert for odd phrasing, uncharacteristic language, and typographical errors that might indicate fraudulent activity. 

 

  1. Exploiting Current Events. Fraudsters often leverage chaotic situations to their advantage. For instance, during significant events like the collapse of Silicon Valley Bank, many vendors needed to update their banking information urgently. Fraudsters seized this opportunity to trick businesses into updating vendor information to fraudulent accounts. AP employees must be extra cautious during such times and scrutinize emails related to current events. 

 

  1. Impersonating Internal Leaders. Another common tactic is impersonating AP leaders or business executives. Fraudsters send emails that appear to be from high-ranking officials requesting urgent payments to new accounts or confirmation of vendor bank details. These emails are often timed strategically, such as late Friday afternoon, to catch employees off guard when they are likely to be tired or distracted. 

 

  1. Spoofing Emails. Fraudsters may also spoof emails by using addresses nearly identical to those of legitimate vendors or colleagues. For example, an email from ted.hinny@company123.com could be spoofed as ted.hinney@company123.com. Such minor differences are easy to miss, especially if the email content appears routine. AP employees must be vigilant in spotting these subtle discrepancies, including character substitutions like the lowercase letter "l" for a capital "I." 

 

Staying One Step Ahead of Vendor Fraud 

Training your AP staff in the subtleties of social engineering, establishing procedures to enhance security, and practicing business identity authentication to verify that communications are legitimate, are all critical to avoid loss. Modern anti-fraud solutions can also flag unusual transactions, duplicate invoices, and payments that do not match contract terms.  

Continuous monitoring helps in the early detection of potential fraud. 

Vendor fraud poses a significant threat to businesses, but, with the right strategies, it can be effectively managed. By understanding the tactics used by fraudsters and implementing layered vendor fraud prevention safeguards, businesses can protect themselves from substantial financial losses. Staying vigilant and proactive is key to success in the evolving landscape of vendor fraud.