Call us from your landline or mobile: 0207 864 7149
Start your claim
Types of Scams

Invoice Scams

Share this article

Invoice and Payment Scams: How Fraudsters Trick You Into Transferring Money for False Bills

Invoice and payment scams represent one of the most financially devastating forms of Authorised Push Payment (APP) fraud. These sophisticated schemes exploit the normal payment processes between businesses and individuals, inserting fraudsters into legitimate transactions or creating entirely fictional payment demands. Unlike many other scams, invoice fraud often targets substantial sums—with the average loss exceeding £28,000.

What makes these scams particularly effective is how they mimic legitimate business operations and payment requests that victims are accustomed to processing without question.

Understanding the Invoice Scam-Banking Connection

Invoice fraud succeeds through carefully timed interventions in established payment processes:

  • Legitimate appearance: Scammers create highly convincing invoices and payment requests
  • Timing exploitation: They often strike just before expected payments are due
  • Communication interception: They monitor email exchanges to identify upcoming payment opportunities
  • Banking details substitution: They provide fraudulent account details for otherwise legitimate payments

Let’s examine the most common types of invoice scams that culminate in bank transfers and how to protect yourself.

Business Email Compromise Scams

How the Banking Transfer Process Works

  1. Email account compromise: Scammers hack or convincingly spoof a company’s email account
  2. Transaction monitoring: They identify upcoming payments or regular billing patterns
  3. Timing selection: Just before an expected payment, they send a convincing email
  4. Banking details change: They claim the company has new bank account details for payment
  5. Banking app execution: Victims make payments to the new account, believing they’re paying the legitimate company

These scams target both businesses and individuals, often focusing on high-value transactions or regular payment patterns.

Sophisticated Tactics Used

  • Creating email addresses nearly identical to legitimate ones (e.g., changing from “company.co.uk” to “company-co.uk”)
  • Maintaining consistent communication style and signature formats
  • Including references to legitimate prior communications
  • Creating convincing explanations for bank detail changes (system upgrades, audit procedures, etc.)
  • Following up with confirmations after payment to delay discovery

Example

A medium-sized engineering firm received an email appearing to be from their long-term supplier of specialised components. The email explained that the supplier had changed banks following a corporate restructuring and provided new account details for the upcoming quarterly payment.

The email perfectly matched the supplier’s usual format, including the correct logo, footer, and account manager’s signature. Following standard procedures, the finance team transferred £38,500 to the new account details. The fraud was only discovered three weeks later when the real supplier contacted them chasing the overdue payment. The scammers had compromised the supplier’s email system and monitored communications before perfectly timing their intervention.

Supplier Payment Diversion Fraud

The Supplier Payment Trap

  1. Supplier relationship targeting: Scammers identify established business relationships
  2. Company research: They gather information about payment patterns and communication styles
  3. Direct contact: They contact the paying company claiming to be from the supplier’s accounts team
  4. Banking change notification: They announce new banking details due to a procedural change
  5. Banking app transfer: The victim company transfers money to the new fraudulent account

Banking Red Flags

  • Unexpected changes to long-established payment details
  • Slight variations in email domains or contact information
  • Requests that diverge from established verification protocols
  • Pressure to update records quickly before the next payment cycle
  • Requests to keep changes confidential for “security reasons”

Example

A construction company regularly ordered building materials from a trusted supplier with quarterly payments averaging £45,000. The company’s accounts department received what appeared to be an official letter on the supplier’s letterhead, followed by a phone call from someone claiming to be the supplier’s new finance director.

The caller explained they had switched banks to secure better commercial terms and needed to update payment details for all customers. The letter provided new account information for the upcoming payment. The construction company processed the next payment of £42,800 to these new details. Two weeks later, they discovered the deception when the actual supplier called asking about the missed payment. The fraudulent “finance director” had disappeared with the funds.

Property Purchase and Conveyancing Fraud

The Property Transfer Banking Scam

  1. Transaction identification: Scammers target property purchases, often through publicly available information
  2. Email compromise: They hack into or impersonate solicitors, estate agents, or conveyancers
  3. Critical timing: They strike just before completion when large transfers are expected
  4. Banking instruction change: They send emails with “updated” bank details for the deposit or purchase amount
  5. Banking app execution: Buyers transfer life-changing sums to fraudulent accounts

These scams are particularly devastating as they often involve the largest financial transactions people ever make.

Sophisticated Methods Used

  • Monitoring property listings and sales progression
  • Creating highly convincing solicitor or conveyancer email templates
  • Timing intervention precisely when deposit or completion payments are due
  • Using terminology specific to the property transaction
  • Creating plausible reasons for last-minute banking changes

Example

Claire was purchasing her first home and had reached the final stages of the process. The day before completion, she received an email appearing to be from her solicitor’s firm stating they had changed their client account details.

The email looked identical to previous communications, used the correct reference numbers, and mentioned specific details about her property purchase. Following the instructions, Claire transferred her £68,000 deposit to the new account details. The scam was only discovered when her actual solicitor called to ask when she would be sending the deposit. By then, the money had been moved through multiple accounts. The fraudsters had compromised the email system of the estate agency and monitored the correspondence to time their deception perfectly.

Fake Invoice Scams

The False Invoice Payment Process

  1. Business targeting: Scammers identify businesses with accessible payment processes
  2. Service provider impersonation: They create invoices from companies that likely provide services to the target
  3. Invoice creation: They generate professional-looking invoices for plausible services
  4. Direct submission: They send invoices directly to accounting departments
  5. Banking details provision: Invoices include fraudulent banking details for payment

Common Impersonated Service Types

  • IT support and software subscriptions
  • Office supplies and equipment
  • Digital marketing and website services
  • Cleaning or maintenance contracts
  • Professional membership renewals

Example

A dental practice received an invoice from a company claiming to be their website hosting provider. The invoice looked professional, included the practice’s website URL, and requested £3,850 for “annual website hosting and security services.”

The practice manager, recognising the service as something they regularly paid for, processed the payment through their banking app. Two months later, they received a genuine invoice from their actual website provider and discovered they had paid a completely fraudulent bill. The scammers had researched the business, identified their likely service providers, and created a convincing but entirely fictional invoice.

Subscription and Renewal Scams

The Renewal Banking Transfer Process

  1. Service identification: Scammers target common business or personal subscriptions
  2. Renewal notice creation: They create convincing renewal notices for services or subscriptions
  3. Urgency emphasis: They stress imminent expiration and service interruption
  4. Banking details provision: They provide fraudulent account details for the “renewal” payment
  5. Banking app execution: Victims transfer funds to continue what they believe is a legitimate service

Common Targeted Subscriptions

  • Domain name registrations
  • Professional directory listings
  • Software licenses and antivirus programs
  • Trade association memberships
  • Publications and information services

Example

A small accountancy firm received an official-looking email warning that their domain name was about to expire. The message stated that unless payment was made within 48 hours, their website and email services would be suspended, potentially causing significant business disruption.

The email included a renewal invoice for £2,950 for “5-year premium domain registration and protection services.” Concerned about losing client communications, the office manager quickly arranged payment through their business banking app. The fraud was only discovered weeks later when their actual domain provider sent a routine service message. The scammers had created an entirely fraudulent renewal notice for a service they knew most businesses would be anxious to maintain.

Government and Regulatory Fee Scams

The Regulatory Payment Scam

  1. Business sector targeting: Scammers identify businesses subject to specific regulations
  2. Authority impersonation: They pose as government departments or regulatory bodies
  3. Compliance fee demand: They create notices demanding payment for licences or compliance fees
  4. Consequence emphasis: They stress penalties for non-compliance or late payment
  5. Banking app transfer: Victims pay to maintain what they believe is regulatory compliance

Common Impersonated Authorities

  • Tax offices and local councils
  • Industry-specific regulatory bodies
  • Health and safety authorities
  • Data protection registrars
  • Trade licensing departments

Example

A restaurant received an official-looking letter claiming to be from the “Food Standards Compliance Office.” The letter stated that new regulations required all food establishments to register for an “Enhanced Hygiene Certification Program” at a cost of £4,250 for three years.

The document featured official-looking logos, reference numbers, and citations of food safety legislation. It warned that failure to register within 14 days would result in potential fines and compliance inspections. The restaurant owner, concerned about regulatory compliance, transferred the fee from their business account. They later discovered through their local council that the “Food Standards Compliance Office” did not exist and the entire scheme was fraudulent.

The Banking System Vulnerability: Why Invoice Scams Succeed

Invoice scams exploit several features of modern banking and business operations:

Faster Payments Technology

  • Immediate transfers: The Faster Payments system means money moves instantly to fraudsters
  • Irreversibility: Unlike card payments, bank transfers cannot be easily recalled once sent
  • Large transfer capability: The system allows for substantial transfers without additional verification

Business Process Exploitation

  • Routine nature: Invoice payments are regular, expected transactions that raise few red flags
  • Process automation: Many businesses have streamlined payment processes with minimal verification
  • Authority presumption: Finance teams are accustomed to processing approved payments efficiently
  • Email dependence: Most payment instructions and invoices are now sent electronically

Digital Banking Convenience

  • Remote authentication: Banking apps allow transfers to be made anywhere, anytime
  • Simplified transfers: Corporate banking platforms make large transfers straightforward
  • Limited verification: Many banks have minimal verification requirements for established payees

How to Protect Yourself When Using Banking Apps for Invoice Payments

  1. Verify any changed bank details: Always confirm changes through established contact methods, not those provided in the change notification
  2. Implement call-back procedures: Establish a verification call using known contact numbers before processing large transfers
  3. Check email addresses carefully: Look for subtle differences in domain names and sender details
  4. Set up payment limits: Require additional authorisation for transfers above certain thresholds
  5. Use the delay period: Most banks now implement a time delay for new payees—use this time to verify
  6. Establish vendor verification protocols: Create standard procedures for adding or changing supplier details
  7. Train staff regularly: Ensure all team members involved in payments understand invoice fraud risks
  8. Create segregated duties: Separate the roles of payment authorisation, execution, and reconciliation

If You’ve Been Scammed Through Your Banking App

If you’ve fallen victim to an invoice scam involving bank transfers:

  1. Contact your bank immediately: Report the fraud as soon as possible—every minute counts
  2. Notify the genuine supplier: Alert the company being impersonated about the fraud
  3. Report to Action Fraud: File an official report with the UK’s national fraud reporting centre
  4. Preserve evidence: Save all emails, invoices, and payment confirmations
  5. Review internal processes: Identify and address the vulnerabilities that were exploited
  6. Check reimbursement eligibility: Under regulations effective October 2024, many APP scam victims have strengthened rights to compensation

How APP Claims Can Help You

At APP Claims, we specialise in helping victims of invoice-based APP fraud recover their money, even when banks have initially rejected reimbursement requests:

  • Expert case assessment: We’ll evaluate your situation free of charge
  • Specialised knowledge: Our team understands the complex mechanisms of invoice scams
  • Bank negotiation: We handle all communications with financial institutions
  • Evidence compilation: We build compelling cases that banks cannot dismiss
  • Ombudsman escalation: When necessary, we take your case to the Financial Ombudsman Service

All on a No Win, No Fee basis.

Invoice scams can have catastrophic effects on businesses and individuals, potentially leading to cash flow crises and significant financial hardship. If you’ve been victimised, contact APP Claims today to explore your reimbursement options and begin your financial recovery journey.

This information is regularly updated as invoice scam tactics evolve. Company names and specific details in our examples may have been changed for illustrative purposes. Note that legitimate companies with similar names to those mentioned may exist and operate genuine services. Last updated: April 2025.

New FOS fee adds insult to injury for scam victims – but there’s a better way
Job/Work Scams
Start your claim

Latest APP news

About us

At APP Claims, we’re dedicated to helping UK consumers and businesses recover money lost to payment scams. Our expert team comprises specialist solicitors and financial fraud professionals who understand the complexities of banking regulations and fraud recovery.

We know how devastating it can be to lose your money in a scam, especially when your bank initially refuses your claim. That’s why we’re committed to guiding you through every step of the recovery process clearly, transparently, and with empathy.

Panel of specialist bank APP recovery solicitors

If bank reimbursement rejected, FOS available

No Win No Fee – you only pay from what is awarded

Quick claim progression and rapid response times

More useful reading: