Fake Invoice Scams: How They Work and How to Stop Them
Fake invoice scams trick businesses into paying for goods and services they never ordered. Here is how to recognize and prevent them.
Every business pays invoices. Fraudsters know this, and they know that in a busy accounts-payable process, an invoice that looks routine often gets paid without much scrutiny. That is the entire premise of the fake invoice scam: send a bill that looks legitimate enough to slip through, and collect on goods or services that were never ordered or delivered.
These scams cost businesses billions a year, and small businesses are especially exposed because they rarely have a formal three-way matching process to catch them.
The common variations
- The phantom invoice. A bill arrives for products or services you never ordered, often from a company name you half-recognize, betting that someone assumes a colleague placed the order.
- The directory or listing scam. A fake invoice for a business directory listing, domain renewal, or "annual registration" you never signed up for, designed to look like a routine renewal notice.
- The inflated invoice. A real vendor's invoice is intercepted or imitated, but the amount or bank details are altered.
- The duplicate invoice. The same legitimate invoice is submitted twice, hoping it gets paid both times.
- The slightly-off vendor. An invoice from a name nearly identical to a real supplier you use, routing payment to a different account.
Why they work
Fake invoices succeed for the same reason most fraud does: they exploit routine. When a business pays dozens or hundreds of invoices a month, each one gets only a few seconds of attention. Fraudsters design their fakes to survive those few seconds, using official-looking logos, urgent due dates, and amounts small enough not to trigger a second look.
How to protect your business
- Match every invoice to a purchase order and a receipt. If you did not order it and did not receive it, do not pay it. This single habit, called three-way matching, defeats most fake invoices.
- Verify new vendors before the first payment. Confirm the business is real and the bank details are correct, using contact information you source independently.
- Be suspicious of urgency and renewals. Pressure to pay immediately, or a "renewal" for something you do not remember buying, are classic tells.
- Watch for near-duplicate vendor names. A supplier that looks almost like one you know is worth a closer look before you pay.
- Flag duplicate amounts and invoice numbers. The same invoice appearing twice is one of the most common and most preventable losses.
Where monitoring helps
Three-way matching is the gold standard, but most small businesses cannot do it manually on every invoice. Sherlock adds an automated safety net: it watches your payments for the signatures of invoice fraud, including duplicate amounts to the same vendor, payments to vendors with look-alike names, first-time payments to unfamiliar payees, and charges that do not fit your normal spending. When one of those patterns appears, Sherlock flags it before the money goes out the door.
Want to make sure you are not paying for invoices you never owed? Sherlock can scan your payments and surface anything suspicious.
Put a second set of eyes on your books
Sherlock monitors your transactions and flags anything worth a closer look — before it costs you.
Start your free scan →