AP checklist

Fake invoice checklist before you pay

Fake invoices work because they blend into real work. A bill looks routine, a sender looks familiar, and a due date creates pressure.

Use this checklist before paying any invoice with changed payment instructions, unusual sender behavior, missing PO match, or first-time vendor context.

Run invoice check Read FAQ

Quick answer

The checklist is the control

If an invoice asks for new banking details, stop treating it like a document review. Treat it like a vendor verification event.

Free AP Fraud SOP Kit

Turn this check into an AP policy

Get the vendor bank-change policy, callback script, approval note, incident checklist, and hold triggers for your finance team.

Get the SOP kit Future paid: saved checks, audit log, PDF reports, team templates - $19/mo teaser.

Before paying

Document each item in the payment approval record.

  • Sender domain matches the known vendor domain character by character.
  • Reply-to matches From domain or is explained through a known channel.
  • Invoice amount, PO, goods/services, and due date match records.
  • Bank details match prior payment history or were verified by callback.
  • A second approver reviewed any new vendor or bank-change request.

Automatic hold triggers

Hold payment when any of these are present.

  • Urgent same-day wire or ACH instruction.
  • New account, routing number, bank country, or payment method.
  • Requester says they cannot talk by phone.
  • Vendor asks to bypass PO, onboarding, or approval workflow.
  • The message includes secrecy or executive pressure.

Fake Invoice Checklist FAQ

What is the fastest fake invoice check?

Look for changed payment instructions, urgency, reply-to mismatch, missing PO match, and whether the vendor was verified by a known phone number.

Should small businesses use this even without an AP team?

Yes. The same controls apply: call the vendor on a trusted number, document the confirmation, and do not pay from email alone.