Invoices & Payment Scams

How to spot a fake invoice or payment demand

Not every invoice or payment request is suspicious — but fake invoices are increasingly convincing. Supplier impersonation, changed bank details, and fraudulent payment demands cost UK individuals and businesses millions every year. Here's what to look for before you pay.

Quick answer

Fake invoices and fraudulent payment requests often look identical to the real thing. The biggest red flag is a request to use new or changed bank details. Always verify payment details through a contact route you already know — not using phone numbers, email addresses or bank account details supplied in the suspicious message itself.

Not all payment requests are scams. Invoices, bills and payment demands arrive legitimately every day — from suppliers, landlords, utility companies and service providers. This guide is not about treating every invoice with suspicion. It's about knowing when something deserves a closer look, and what to do when the warning signs appear.

What fake invoice fraud looks like

There are two main types of invoice fraud worth knowing about.

The first is supplier impersonation: a criminal emails you pretending to be one of your existing suppliers. The email looks exactly like previous correspondence — correct logo, familiar wording, accurate invoice details — but the bank account details have been quietly changed. The money goes to the fraudster.

The second is invoice redirect fraud: a criminal intercepts genuine communication between you and a supplier and alters the payment details before forwarding the invoice. In this case even the supplier may not know until both parties compare notes.

Both types are increasingly common and can affect individuals as well as businesses — anyone who pays tradespeople, solicitors, landlords, or small suppliers is potentially at risk.

The biggest red flag: changed bank details

If a supplier or payee contacts you to say their bank details have changed, treat this with significant caution — even if the email looks completely genuine.

Legitimate organisations do occasionally change their banking arrangements. But any bank-detail change request deserves independent verification before you act on it. That means calling the supplier using a phone number you already have — from your records, not from the email — and confirming the change with someone you know.

Do not use the phone number in the email. If the email is fraudulent, the number may connect to the scammer, who will confirm the change with confidence.

Warning signs to look for

  • The bank details are different from previous invoices from the same supplier
  • The email comes from a slightly different address — the domain may look similar but not identical to the genuine supplier
  • The invoice arrives unexpectedly or for an amount that doesn't match what you agreed
  • There's unusual urgency — you're asked to pay immediately or before a tight deadline
  • The email asks you to pay via an unusual method — bank transfer instead of card, or cryptocurrency
  • The sender asks you to keep the change confidential or not to tell colleagues
  • The Reply-To address is different from the sender address
  • The sender domain is slightly different — billing@company-invoices.com rather than billing@company.com
  • You've been asked to update payment details via a link rather than providing them directly
Example — bank-detail change fraud
From: accounts@smithsplumbing-invoices.com

Subject: Important: Updated bank details — please action before your next payment

Dear [Name],

Please note that we have changed our banking provider. Please update your records and use the following details for all future payments...

Note the sender domain: smithsplumbing-invoices.com — not smithsplumbing.com. Subtle differences like this are easily missed.

How to verify a payment request safely

The safest rule: verify before you pay, using a contact route you already trust.

  • Call the supplier using a number from your own records — your address book, a previous email thread, or their official website found by searching independently
  • Speak to a specific person you've dealt with before, not just whoever answers
  • If you receive a bank-detail change, confirm with someone senior at the organisation — not just a reply to the original email
  • Check the sender's email domain character by character against their previous correspondence
  • If you're paying a solicitor or conveyancer, verify bank details directly with the firm before any transfer — conveyancing fraud is a significant risk at completion

Do not call the phone number in the email, click any link in the email, or reply to the email to verify it. If the email is fraudulent, all of those contact routes may be controlled by the fraudster.

What to do if you've already paid

If you think you've paid a fraudulent invoice, act immediately:

  1. Call your bank right now using the number on the back of your card or through your official banking app — not a number from the email
  2. Tell them you've been a victim of payment fraud and ask them to try to recall the payment
  3. Report the fraud to Action Fraud at actionfraud.police.uk or 0300 123 2040
  4. Contact the genuine supplier to let them know — they may have other affected customers
  5. Preserve all emails and records related to the transaction
  6. Do not attempt to contact the fraudster directly

Speed matters. Banks have some ability to recall payments if contacted quickly — this window closes fast. The sooner you call, the better the chance of recovering the funds.

Not sure about a payment email or invoice?

Paste the email text into Summarly. It will explain what the message appears to say, flag sender mismatches, unusual payment requests, and other warning signs — in plain English.

Check a payment email

Frequently asked questions

How do I know if an invoice is fake?

Key warning signs include: bank details different from previous invoices, a sender email domain that doesn't exactly match the supplier's real domain, unusual urgency, and requests to pay via unusual methods. If anything feels off, verify directly with the supplier using contact details you already have — not the details in the email.

What should I do if bank details have changed?

Treat any bank-detail change request with caution, even if it looks genuine. Call the supplier directly using a number from your own records — your address book, a previous email thread, or their official website. Confirm the change with someone you know there. Do not use the phone number provided in the email requesting the change.

Should I call the phone number in the email?

No. If the email is fraudulent, the phone number in it may connect to the scammer — who will confidently confirm whatever you ask. Always use a contact number you already have for the supplier, found independently through your records or their official website.

What if I already paid a fake invoice?

Contact your bank immediately using the number on the back of your card or your official banking app. Ask them to attempt a recall of the payment. Report the fraud to Action Fraud at actionfraud.police.uk or 0300 123 2040. Act as quickly as possible — the window for payment recovery closes fast.

Can fake invoices look completely professional?

Yes. Fraudulent invoices often copy the exact branding, logo, layout and reference numbers of the genuine supplier. A professional appearance is not evidence of legitimacy. The details that matter most are the sender domain, the bank details, and whether you can verify the request through an independent contact route.

Related guides

Why Reply-To addresses matter How to spot a phishing email How to check if a letter is from a genuine organisation What to do if you clicked a suspicious link How to use Summarly to check a suspicious message
↑ Back to top