ScamSpot for Business

Verify an invoice before you pay

Your AP team just received an invoice that feels off: maybe the wording is different, the bank details changed, the amount is unusual, or the email pushes for same-day payment. Before you wire the money, paste the invoice text below to get B2B-tuned risk indicators.

This tool does NOT verify the vendor, the bank account, or the invoice itself. It gives risk indicators and a verification checklist so your team can slow down and verify independently. Always call the vendor on a phone number from your existing records before taking action.

Check an invoice Read FAQ

Quick answer

Invoice fraud hides inside normal vendor workflows

Real invoice fraud rarely looks like a Nigerian prince. It looks like a vendor you have paid for two years asking you to update the bank account or pay the attached PDF today. Risk indicators include bank-detail changes, lookalike sender domains, urgency wording, and instructions to bypass purchase orders or approvals.

Free scam check

Paste the suspicious invoice or vendor email

The sample below is a realistic vendor impersonation pattern. Replace it with the email body, invoice text, payment instructions, or executive request you want to check. Remove account numbers and confidential vendor data first.

Sample loaded

Red flags AP teams should look for

Real invoice fraud combines several of these signals. One alone may be benign; three together should freeze the payment.

  • Vendor bank-account or routing change communicated only by email.
  • Sender domain is slightly different from the known vendor domain (lookalike, extra hyphen, .co vs .com).
  • Free-mail address (gmail, outlook) claiming to be from a corporate vendor.
  • Reply-to address differs from the From address.
  • Same-day urgency, threats of service interruption, or pressure to bypass approval workflow.
  • Wording, signature, formatting, or invoice template differs from prior invoices.
  • Executive impersonation: CFO or CEO emailing AP directly with a wire request.
  • Attached PDF where the bank details differ from the body of the email.

Verification checklist before you pay

Use this as the control loop, not the email exchange.

  • Call the vendor on a phone number from your existing records (NOT a number in the suspicious email or PDF).
  • Confirm the bank-account change verbally with two named contacts at the vendor.
  • Require a second approver inside your finance team for any payment-instruction change.
  • Send a small test payment ($1) and confirm receipt before sending the full amount.
  • Preserve email headers (raw source), attachments, and the full approval trail.
  • If anything still feels off, hold the payment for 24 hours. Real vendors will wait.

If you already paid

Move fast. The first 24-72 hours are when wire recall is most likely.

  • Call your bank immediately and request a wire recall under the FBI Financial Fraud Kill Chain.
  • Report to the FBI IC3 (ic3.gov) the same day; IC3 coordinates with banks for recall.
  • File a complaint with the FTC (reportfraud.ftc.gov).
  • Notify the impersonated vendor so they can warn other customers.
  • Engage IT and email security to check whether your mailbox or the vendor's was compromised.
  • Document everything for cyber insurance and law enforcement.

Disclaimer

ScamSpot for Business provides risk indicators only. It does NOT verify vendors, bank accounts, or invoice legitimacy. Always call the vendor on an independently-verified phone number - never one in the suspicious email - before taking action.

  • Not a vendor verification service.
  • Not a bank-account ownership validator.
  • Not legal, financial, or compliance advice.
  • Report confirmed fraud to the FBI IC3 (ic3.gov) and the FTC (reportfraud.ftc.gov).

Example: vendor bank change with urgency

Input

Our accounts team changed banks this week. Wire today's invoice balance to the new account in the attached PDF. Time-sensitive.

What to notice

  • Bank-account change announced by email is a classic BEC vector.
  • Same-day urgency removes time for normal verification.
  • Verify by phone on a number from your existing records, not the email.

Verify Invoice FAQ

Does ScamSpot verify the invoice or the vendor?

No. ScamSpot for Business provides risk indicators only. It does NOT verify vendors, bank accounts, or invoice legitimacy. Always call the vendor on an independently-verified phone number - never one in the suspicious email - before taking action.

What if the email comes from a real vendor address?

A real mailbox can be compromised. Treat any bank-detail change or unusual urgency from a known vendor with the same skepticism as a new vendor. Verify by phone on a known number.

Do scammers really send fake invoices for amounts that look normal?

Yes - that is the whole point. BEC operators study public vendor lists and prior invoices to make the amount and wording look routine.

Where do I report a confirmed invoice fraud or BEC?

Report to the FBI Internet Crime Complaint Center (ic3.gov) and the FTC (reportfraud.ftc.gov). Notify your bank within hours - wire recall windows are short.

Can I paste the attached invoice PDF?

Paste the text content (subject, sender, body, key amounts). Do not paste personally identifying account numbers or confidential customer data.