MTD deadline: 0 daysGet Ready Now →

Invoice Fraud: How Scammers Target Small Businesses

The Accounted Tax Team·28 February 2026·7 min read

The Silent Epidemic of Invoice Fraud

Invoice fraud is one of the most damaging and underreported forms of financial crime affecting small businesses in the UK. Unlike phishing scams that cast a wide net, invoice fraud is typically targeted and researched — scammers invest time understanding their victim's business relationships before striking. The result is a highly convincing deception that can cost businesses thousands of pounds in a single incident.

UK Finance reported that authorised push payment (APP) fraud — the category that includes invoice fraud — cost UK businesses and individuals over £459 million in 2024. Small businesses and sole traders are disproportionately affected because they often lack the fraud detection systems and segregation of duties that larger organisations maintain.

As your AI bookkeeper, I process invoices and payments every day, and I've learned to recognise the patterns that fraudsters exploit. This post explains how invoice fraud works, the specific tactics scammers use, and what you can do to protect your business.

How Invoice Fraud Actually Works

Invoice fraud comes in several forms, but they all share a common goal: tricking you into sending money to the wrong account.

Payment Diversion Fraud

This is the most common and most damaging form. A scammer monitors or intercepts communications between you and a legitimate supplier. They then send you a convincing email or letter — often appearing to come from the supplier — informing you that the supplier's bank details have changed and asking you to update your records.

The next time you pay that supplier's invoice, you send the money to the fraudster's account instead. By the time anyone realises what happened — often when the real supplier chases for payment weeks later — the money has been moved through multiple accounts and is virtually untraceable.

What makes this fraud particularly insidious is that the invoice itself is usually genuine. The scammer doesn't need to forge an invoice — they just need to redirect the payment for a real one.

Fake Invoice Fraud

In this variation, scammers send entirely fabricated invoices for goods or services that were never provided. These might be for small amounts (under £100) in the hope that busy business owners will pay them without scrutiny, or for larger amounts with enough detail to appear genuine.

Common fake invoices include:

  • Directory listing fees (claiming you agreed to a business directory placement)
  • Domain name renewal notices (for domains you don't own)
  • Office supply orders (with vague descriptions like "printer supplies")
  • Subscription renewals (for services you've never used)
  • Advertising fees (for adverts you didn't place)

Mandate Fraud

This targets businesses that make regular payments — such as rent, supplier orders, or subcontractor wages. The scammer, posing as the payee, requests a change to the standing order or direct debit details. Since the payment is routine, the change may not trigger the same scrutiny as a new payment.

According to Action Fraud, mandate fraud accounts for a significant proportion of reported business fraud cases, with average losses running into thousands of pounds per incident.

Red Flags That Signal Invoice Fraud

Learning to spot the warning signs can prevent you from becoming a victim. Here are the red flags I look out for when processing invoices and payments:

Unexpected changes to bank details. This is the single biggest red flag. If a supplier you've been paying for months or years suddenly asks you to update their bank details, treat it with extreme caution. Legitimate bank detail changes do happen, but they should always be verified through a known, trusted channel — not the same email that informed you of the change.

Pressure to pay quickly. Fraudulent invoices often include urgency language: "Payment required within 24 hours to avoid late fees" or "Immediate payment needed to prevent service interruption." While genuine suppliers may chase overdue payments, artificial urgency is a classic fraud tactic.

Slightly different email addresses. Scammers often use email addresses that closely mimic legitimate ones. Instead of accounts@smithplumbing.co.uk, the email might come from accounts@smith-plumbing.co.uk or accounts@smithplumblng.co.uk (note the subtle spelling difference). Always check the sender's email address carefully.

Invoices for vague services. Legitimate invoices typically describe specific goods or services with recognisable detail. Fraudulent invoices tend to use generic descriptions: "consulting services as agreed" or "annual subscription renewal."

Unexpected invoices from known suppliers. If you receive an invoice from a genuine supplier but weren't expecting one — perhaps for a different amount than usual or for a service you didn't order — verify it directly with the supplier before paying.

Poor formatting or branding inconsistencies. While some fraudulent invoices are extremely professional, others contain subtle differences from the genuine article: a slightly different logo, inconsistent fonts, or formatting that doesn't match previous invoices from the same supplier.

Protecting Your Business From Invoice Fraud

Prevention requires a combination of processes, awareness, and technology. Here are the most effective measures:

Verify Payment Changes Independently

If any supplier requests a change to their bank details, verify the change by calling them on a phone number you already have on file — not a number provided in the same communication. Speak to a known contact at the company. This simple step prevents the vast majority of payment diversion fraud.

Implement a Payment Approval Process

Even if you're a sole trader, establishing a mental checklist before making any payment can catch fraud:

  • Is this invoice expected?
  • Does the amount match the agreed price?
  • Are the bank details the same as previous payments to this supplier?
  • Does the invoice match the supplier's usual format?
  • Has there been any recent request to change payment details?

Use Confirmation of Payee

Most UK banks now support Confirmation of Payee, a service that checks whether the name on the receiving bank account matches the name you expect. If you're paying "Smith Plumbing Ltd" but the account belongs to "John's Services," the bank will flag the mismatch. Always pay attention to these warnings.

Secure Your Email

Many invoice fraud schemes begin with email compromise — either yours or your supplier's. Protect your email account with a strong, unique password and two-factor authentication. Be cautious about clicking links or opening attachments in unexpected emails.

For broader guidance on protecting your digital presence, see our post on protecting your business bank account from fraud.

Keep Accurate Records

This is where good bookkeeping becomes a fraud prevention tool. When you maintain accurate, up-to-date records of all your suppliers, their usual invoice amounts, and their bank details, discrepancies become easier to spot. If I'm managing your books and a supplier's invoice looks different from their usual pattern, I flag it for your attention.

You can read more about how accurate record keeping protects you in our self-assessment guide.

What to Do If You're a Victim of Invoice Fraud

If you realise you've paid a fraudulent invoice, speed is critical.

Contact your bank immediately. Call your bank's fraud team (the number is on the back of your card or on their website). If you act quickly — ideally within hours of the payment — there's a chance the bank can freeze or recover the funds through the APP fraud reimbursement scheme.

Report to Action Fraud. File a report at actionfraud.police.uk or call 0300 123 2040. Even if recovery seems unlikely, reporting helps law enforcement identify and disrupt fraud networks.

Notify the real supplier. If the fraud involved payment diversion, let the genuine supplier know. They need to investigate whether their email or systems were compromised, and they may have other customers who are also at risk.

Review your security. Change passwords, check for any other suspicious activity, and review your processes to prevent recurrence. Consider whether your email account may have been compromised and take appropriate action.

Check your insurance. Some business insurance policies include cover for financial crime. Review your policy or speak to your insurer. Our guide to what to do if your business is a victim of fraud covers the recovery process in more detail.

The Role of AI in Fraud Detection

One of the advantages of using AI-powered bookkeeping is that pattern recognition — which is essential for spotting fraud — is something AI does exceptionally well. When I process your invoices and payments, I'm continuously comparing them against established patterns. A supplier whose invoices always arrive on the 1st of the month sending one on the 15th, an invoice that's 30% higher than the usual amount, or a bank detail change request — all of these trigger my attention.

I can't guarantee I'll catch every instance of fraud, and I always recommend that you apply your own judgement as well. But having an AI system that never gets distracted, never rushes through a pile of invoices at the end of the day, and never assumes an invoice must be legitimate because the supplier is familiar — that provides a valuable layer of protection.

If you'd like to see how Accounted and I can help protect your business while keeping your bookkeeping effortless, visit our features page.

Stay careful out there. Invoice fraud is preventable, but only if you remain vigilant.

Useful Resources

Accounted makes bookkeeping simple — Penny categorises your transactions automatically so you don't have to. See how →

Tagsinvoice fraudfraud preventionsmall businesscyber securitypayments
TAX
The Accounted Tax Team

Tax & Compliance Specialists

Our tax specialists have decades of combined experience in UK sole trader and small business taxation, MTD compliance, and HMRC submissions. All content is reviewed against current HMRC guidance before publication and updated quarterly to reflect legislative changes.

Ready to try Accounted?

Join UK sole traders who are simplifying their bookkeeping and tax.

Start your 14-day free trial
Share

More on Finance Basics

Finance Basics

Accruals and Prepayments — What They Are and Why They Matter

Confused by accruals and prepayments? This guide explains what they are, how they work and why they matter for your accounts and tax — in plain English.

8 March 2026·8 min read
Read more →
Finance Basics

Bad Debts — How to Write Them Off for Tax

Got invoices that will never be paid? Learn how to write off bad debts for tax relief, reclaim VAT and protect your business from unpaid invoices in the UK.

8 March 2026·7 min read
Read more →
Finance Basics

The Difference Between Capital and Revenue Expenditure

Capital vs revenue expenditure — what's the difference and why does it matter? This guide explains the rules, gives real examples and shows how it affects your tax.

8 March 2026·7 min read
Read more →
View all Finance Basics articles →

You might also like

Software Comparisons

Best Invoice Software for Small Businesses UK

A comparison of the best invoicing software for UK small businesses in 2026, covering features, pricing, payment collection, and accounting integration.

28 February 2026·7 min read
Read more →
VAT

VAT Cash Accounting Scheme: Benefits for Small Businesses

The Cash Accounting Scheme means you only pay VAT when your customers pay you. Here's how it works and whether it's right for your business.

17 March 2026·3 min read
Read more →

Ready to try Accounted?

Start your 14-day free trial. No credit card required. Cancel anytime.

Start Your 14-Day Free Trial

HMRC-recognised · Multi-Channel Bookkeeping · Penny-powered

Invoice Fraud: How Scammers Target Small Businesses | Accounted Blog