Author: Summer Stratton, Digital Marketing Manager
Beware of fake emails requesting you to change payment details
What is "Change of Payment Details" fraud? Companies receive an email purportedly from a known vendor or employee indicating a new banking relationship has been established and asking the company to send future payments to new locations (Routing and Account Numbers, addresses, etc.) listed in the email.
Payments fraud is increasing rapidly
Fraudulent efforts to get you to change where you send payments are on the rise, and whenever there is significant news or changes in the Banking industry (as we’ve seen recently), you can expect more efforts at trying to take advantage of the turmoil.
A payment change request should always put your accounts payable team on high alert. Many requests are legitimate, but never let your guard down. Fraudsters continue to create legitimate looking emails to impersonate legitimate vendors, suppliers (or even employees) and then send you a “change of payment instructions/details” request.
If you don’t have a verification process in place for when a vendor, supplier or employee emails you with a request to change their payment instructions, you should develop one right away. In the meantime, double check the request and compare the information they provide in the email to what you already have on file. Pick up the phone and call the vendor, supplier or employee (with the number you already have on file – not the number on the email you received). Tell them you understand the urgency, but you need to follow your process for everyone’s protection.
What can you do to protect yourself?
- Be proactive and make sure that you develop and have a process in place to validate changes in payment details so you can avoid future incidents.
- Do NOT call the phone number listed within the email, and do NOT respond to the email as sent, as this is likely connected to the fraudster.
- Make sure you have a verification process in place. Call the Company or Employee to verify that they in fact sent the email, and truly have changed the banking relationship or payment instructions.
- DO call the phone number listed in your accounting system (for the Vendor) or Employee file. This ensures you will be reaching a reliable source who can tell you if the request is legitimate.
Remember: NEVER change payment related information by an email request alone. Make sure you’re sending money to the appropriate place and not becoming a victim of fraud.
At the end of the day, everyone will appreciate your effort to protect their business and your own.