Listen up, because what I’m about to tell you could save your business thousands – or even millions – of dollars.

You’ve probably heard about phishing. You might even think you’re too smart to fall for those obvious scams. But here’s the cold, hard truth: Payment Diversion Fraud has evolved, and it’s not just the gullible who are falling victim anymore.

I’ve seen countless savvy business owners get burned by these sophisticated fraudsters. Why? Because they didn’t know what to look for.

Let me paint you a picture. Imagine you’re sitting at your desk, sifting through emails. You spot one from a long-time supplier. They’re asking you to update their payment details for future transactions. Seems routine, right? WRONG.

This, my friend, is where the trap is sprung.

These criminals aren’t just shooting in the dark anymore. They’re doing their homework. They’re creating email addresses that look legitimate at first glance. They’re crafting invoices that could fool even the most eagle-eyed accountant. And they’re using social engineering tactics that would make a CIA operative blush.

But here’s the kicker – and pay attention, because this could save your bacon…

These fraudsters aren’t just relying on technology. They’re exploiting the human element – your employees, your processes, and even you.

Let me break it down for you:

  1. Email Masquerade: They’re not just using “johndoe@gmail.com” anymore. They’re creating addresses like “john.doe@your-supplier-name.com”. Spot the difference? Neither will most of your staff.
  2. Invoice Forgery: These aren’t your grandpa’s poorly photocopied bills. We’re talking pixel-perfect recreations of your actual supplier’s invoices. Right down to the logo and account numbers.
  3. Social Engineering: This is where it gets really devious. They’re researching your company, your suppliers, even your employees’ social media. They know when your CFO is on vacation and who’s covering for them. They know your lingo, your processes, your pain points.

Now, I can almost hear you thinking, “That won’t happen to me. I’m too careful.”

Well, let me tell you something – that’s exactly what every victim thought before they lost their shirt.

But don’t panic. I’m not here to scare you (well, maybe a little). I’m here to arm you with knowledge. Because knowledge, my friend, is your best defense against these digital desperados.

So, what can you do? Here are three action steps you need to implement TODAY:

  1. Verify, verify, verify: Never – and I mean NEVER – change payment details based on an email alone. Pick up the phone and call your supplier directly. Use the number you have on file, not the one in the email.
  2. Train your team: Your employees are your first line of defense. Invest in regular training sessions. Make sure everyone, from the intern to the CEO, knows what to look for.
  3. Implement a dual-check system: No single person should have the power to change payment details or authorize large transactions. Always have a second set of eyes on these processes.
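
To back up the "verify" step against the Email Masquerade tactic described earlier, here is an added example (not code from this article's author) that flags sender domains which imitate a supplier domain you already have on file. The on-file domains, the digit substitution table and the distance threshold of 2 are assumptions made for illustration.

```python
# Assumed allow-list of supplier domains on file (constructed sample values).
KNOWN_SUPPLIER_DOMAINS = {"yoursuppliername.com", "acme-metals.example"}

# Digits often swapped in for letters (small illustrative subset, an assumption).
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def sender_domain(address: str) -> str:
    """Return the lower-cased domain part of an email address."""
    return address.rsplit("@", 1)[-1].strip(" <>").lower().rstrip(".")


def skeleton(domain: str) -> str:
    """Collapse cosmetic differences: hyphens and look-alike digits."""
    return domain.replace("-", "").translate(HOMOGLYPHS)


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(address: str):
    """Return ('on_file' | 'lookalike' | 'unknown', matched on-file domain or None)."""
    domain = sender_domain(address)
    for known in KNOWN_SUPPLIER_DOMAINS:
        # Exact match, or a subdomain of a domain the supplier controls.
        if domain == known or domain.endswith("." + known):
            return ("on_file", known)
    for known in sorted(KNOWN_SUPPLIER_DOMAINS):
        # The on-file name embedded in another domain, or a near miss after
        # normalisation, is treated as an imitation of that supplier.
        if known in domain or edit_distance(skeleton(domain), skeleton(known)) <= 2:
            return ("lookalike", known)
    return ("unknown", None)


if __name__ == "__main__":
    # Constructed sample senders.
    for addr in ("john.doe@your-supplier-name.com", "ap@yoursuppliername.com"):
        print(addr, classify(addr))
```

Anything that comes back as "lookalike" or "unknown" on a payment-detail change request goes to the phone call and the second approver. An "on_file" result still does not replace either step, because a genuine mailbox can be compromised.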

Remember, these fraudsters are playing a numbers game. They don’t need to fool everyone – just one person, one time. Don’t let that person be in your organization.

Now, I know what you’re thinking. “Dan, this sounds like a lot of work.” And you’re right, it is. But let me ask you this: How much work would it be to explain to your board why you just wired a million dollars to a fraudster’s account?

The choice is yours. You can either put in the work now or pay the price later. And trust me, the price is a lot steeper than you think.

So, what’s it going to be? Are you going to bury your head in the sand and hope it doesn’t happen to you? Or are you going to take action and protect your business?

The clock’s ticking. What are you going to do?