Invoicing Email Scams on the Rise Says Report from Australia

Mike  Lata (aka Maciej Duraj)

Mike Lata (aka Maciej Duraj), 2018-11-26

Invoicing security is a touching subject because it often doesn’t get stressed enough and people are taken for a ride with promises. Security also does not necessarily mean an invoice that can be read between just two people. It can also mean security from phishing scams or ways someone with access to an account can convince a company that he should be the one getting payment not the actual client.

“BEC scams occur when a hacker gains access to a business's email accounts, or 'spoof' a business's email so their emails appear to come from the company, According to BusinessNews Australia. “The hacker then sends emails to customers claiming that the business's banking details have changed and that future invoices should be paid to a new account.”

No system in place by itself can really prevent a company from sending funds or an invoice to the wrong individual, however some systems have better safeuards in place than others. At InvoiceOcean UK, you can go to your invoices list and see exactly when each invoice was sent, whether it was paid for or not, and who it was sent to. We also offer an URL of a client panel where the clients (or those scammed in the case of the article above) can monitor their cash outflow and follow their invoices.

Sending invoices via templates and forgetting about them is a way to quickly lose track and get into trouble. Just as well, sending recurring invoices and not following up on whether the client is getting paid in time or is satisfied is another way to potentially run into problems.

It seems to me reading the article that the scams in question here are ones where the companies sending invoices to clients were duped into thinking a client had a different bank account, for instance, and changing it in future invoices. Or, they thought the invoice was unpaid previously and made another payment without thinking. These are just some of the examples I am thinking a scam like this could be pulled off.

This is also why our system has the client information already set up and entered automatically with new invoices so the person doing the invoicing can quickly search their information or not have to enter it manually each time and risk making a mistake.

It is good to have a secure system in place to prevent eavesdroppers or hackers, but it is also good for a company to monitor its cash flow and not be easily tricked into changing client information or payment information.