Security & Fraud Hub

How can we help you today?
Contact

Supplier Impersonation

This one’s a masterclass in mimicry. A scammer poses as your trusted supplier, complete with lookalike domains and a tone that could win awards. They ask for a payment update. You oblige. The real supplier calls weeks later, wondering where their money went.

The Performance:

Display name spoofing. “From: Trusted Supplier.” Not quite.

Lookalike domains. vend0r.com instead of vendor.com. Subtle, no?

Invoice tampering. Real invoice, fake bank details.

Compromised accounts. The email thread is real. The request is not.

Security Advice:

  • Verify all changes. Call your supplier. Use the number you already have.
  • Educate employees. Especially those in finance. They’re the front line.
  • Separate duties. No one should approve and process high-value payments alone.
  • Use technology. Anti-phishing tools, AI fraud detection, and MFA. It’s not just for techies.
  • Report immediately. Time is of the essence. Call your bank. Alert the supplier. Notify law enforcement.
More Fraud articles

Help Centre