Invoice fraud occurs when criminals send a fraudulent invoice or bill to a company, requesting payment for goods or services. Matthew Field, head of the Fraud Advisory Panel, says: “This type of fraud not only harms the businesses and individuals targeted by the criminality it damages confidence in the industry and undermines the payment processes on which so many rely.” 

According to the Home Office’s most recent economic crime survey, one in four businesses with employees said they had been the victims of fraud in the preceding 12 months. Fake invoice fraud is the most common threat, experienced by 11% of businesses. 

Last month, the National Crime Agency (NCA) and NatWest Group launched a joint invoice fraud factsheet aimed at accounts payable and finance professionals who are often the gatekeepers, protecting both their businesses and their clients from becoming victims. The organisations highlight data from crime survey of England and Wales which estimates that just 14% of cases are being reported by victims to the police or Report Fraud (the reporting website which replaced Action Fraud in December 2025).

Common red flags

Fraudsters are masters of manipulation and deceit, and although their tactics are ramping up in sophistication, there are some telltale signs that should ring alarm bells that an invoice may not be legitimate.

Look out for any anomalies relating to the supplier, such as a newly created business with little or no trading history, unexplained changes to bank account details, or suppliers that cannot be independently verified through trusted channels. 

Fraudsters will often pose as a trusted organisation or person, using lookalike email addresses or spoofed domains to convince you to send money to an account they control, explains Daniel Sibthorpe, Director, Cyber Security and Counter Fraud at Crowe UK. 

"It’s important to check sender details carefully for even small changes. Be wary about any push back on requests to verify anything, or if you’re told to keep the request confidential,” Sibthorpe adds. 

What to look out for

Benjamin Cunliffe, Lead Product Manager, Wolters Kluwer Tax & Accounting, says: “Indicators may also be found within the invoice itself, including duplicate invoice numbers, unusual formatting, strange logos, wrong addresses, spelling or grammatical errors, vague descriptions of goods or services, or invoices that fall just below approval limits to avoid additional scrutiny.”

Inconsistencies across documentation – such as mismatches between invoices, purchase orders, delivery notes, or contract terms (including pricing, quantities, or VAT treatment) – should also be treated as warning signs, Cunliffe warns. 

Make sure you independently check the invoice and bank details using supplier information you already trust and have on file, then report it quickly through the usual internal channels. If a payment has already gone out, let management and the bank know immediately so there’s a chance of getting the money back.

Behavioural and timing factors can also raise concerns, for example where invoices are submitted outside normal business cycles, labelled as “urgent”, or accompanied by pressure to bypass standard controls, which is a common phishing tactic. 

What to do if you find a fake invoice

Remember - don’t panic. When an invoice raises concerns, it is important that finance teams pause processing and follow a clear, structured response. This should begin with independent verification of the supplier, using contact details already held on record rather than those provided on the invoice.

Organisations should have clear and accessible escalation routes, supported by a well-communicated whistleblowing policy, so that staff can report concerns without fear of reprisal.

Any concerns should then be escalated promptly to a manager, finance lead, or relevant fraud, compliance, or money laundering reporting officer, in line with internal policies and procedures. Throughout this process, keep evidence by retaining copies of the invoice and all related correspondence to support any subsequent investigation.

Preventive action

Organisations can cut the risk of fake invoices by: 

• tightening up supplier onboarding and verification, 
• keeping clear segregation of duties between who sets up vendors, who approves invoices, and who makes payments, 
• always independently checking any changes to bank details using trusted contact information and 
• ensuring staff are informed about what to look out for and how to escalate any concerns

“Preventive checks like three-way matching, duplicate invoice checks and limiting manual overrides should be standard practice, backed up by regular staff training and a culture where stopping a payment to doublecheck is encouraged,” Cunliffe adds.

Ongoing training and awareness programmes are essential to ensure finance and operational teams understand common invoice fraud tactics and feel confident challenging transactions that do not appear credible.

It is also important to perform regular reviews using data analytics to identify any duplicate payments, unusual activity patterns, or anomalies that warrant further investigation.

Always trust your gut, Sibthorpe says. “If an invoice looks suspicious or if something feels off, it’s worth raising. Whatever the outcome, log the incident or near miss so lessons can be learned and controls can be improved.”