Before You Pay That Invoice, Verify the Change
A payment scam does not always look like a fake lottery prize or a strange message from someone you do not know. In a business, it can look like a normal invoice, a familiar supplier, a manager asking for help, or an email thread you have seen before.
One common trick is simple: the attacker asks your team to send money to a new bank account, approve an urgent payment, change supplier banking details, or resend a transfer because “the first one had a problem.” Sometimes the email address is slightly fake. Sometimes a real mailbox has been compromised. Either way, the message can look convincing.
The safest habit is also simple: pause and verify payment changes using a known contact method before money leaves the business.
Why this catches people
Office staff are busy. Accounts teams handle many invoices. Managers travel. Suppliers follow up. Everyone wants to clear tasks quickly.
Scammers take advantage of that pressure. They may use words like “urgent”, “confidential”, “today only”, “do not call me”, or “the director already approved this.” They may also copy the tone of a real supplier or continue an existing email conversation.
That is why this should not depend only on whether an email “looks real.” A clean-looking message can still be fraudulent.
Do this before approving a payment change
Do:
- Treat any new bank account, changed banking instruction, urgent wire transfer, refund request, or unusual payment method as a verification event.
- Call the supplier, manager, or customer using a phone number you already had on file — not the number inside the suspicious email.
- Confirm the change with a second person inside your business when the amount is significant or unusual.
- Check the email address carefully, including small spelling changes, extra letters, lookalike domains, and reply-to addresses.
- Keep a short record of who verified the change, when it was verified, and which trusted contact method was used.
- Report suspicious payment requests to your manager or IT contact, even if you did not click anything.
Do not:
- Use the phone number, WhatsApp number, or link provided in the payment-change email as your only verification.
- Rush because the message says the payment is urgent, confidential, or approved by someone senior.
- Change stored supplier bank details based only on an email thread.
- Send proof of payment, customer information, tax documents, or account details to a new contact without checking.
- Assume a message is safe just because it came from a familiar name or appears in an old conversation.
- Feel embarrassed about slowing down. A proper business process should support staff who double-check payment requests.
A simple rule for staff
If a message changes where money goes, who receives money, or how payment should be made, stop and verify it outside the message.
That means using a known phone number, a trusted internal contact, or an approved supplier record. Do not verify by replying to the same email, clicking a link in it, or calling a number that came with the request.
What to do if you are unsure
If something feels off, do not approve the payment yet.
- Save the message and any attachments.
- Tell your manager, accounts lead, or IT support contact.
- Use a trusted phone number to confirm the request.
- If money was already sent, contact the bank immediately and ask whether the transfer can be stopped or recalled.
- If a mailbox may be compromised, change the password, check MFA, and ask IT to review forwarding rules, login activity, and suspicious messages.
The goal is not to make every payment difficult. The goal is to make payment changes consistent, documented, and hard for a scammer to rush through.
A two-minute call can prevent a very expensive mistake.
