Forged Invoice and Payment Diversion Fraud

How Forged Invoice and Payment Diversion Fraud Works

Overview: Forged invoice fraud involves criminals crafting fake or altered bills that appear to be from legitimate vendors or partners. These invoices trick Indian companies into making payments into fraudulent accounts, often diverting funds meant for actual suppliers. Such scams are damaging both financially and reputationally. How It Works: Scammers create invoices with authentic branding and references to past deals, often using details sourced from hacking, phishing, or disgruntled employees. They email or courier these documents to accounts or finance teams, sometimes calling to reinforce urgency. The recipient is pressured to complete payments promptly due to 'pending shipment' or 'overdue dues.' India Angle: This scam exploits Indian business practices of relying on physical paperwork and digital scans for verification. Industries in Gujarat, Maharashtra, and NCR are regularly targeted, especially where supply chains are complex and involve many vendors. Real Examples: An Ahmedabad-based trader receives a courier containing an invoice for 'urgent customs clearance', complete with genuine-looking letterhead. In a rush, and under pressure from follow-up calls, the payment is sent to a new account that does not belong to the actual vendor. Red Flags: 1. New payment details for recurring vendors. 2. Typos or unusual language in invoice text. 3. Discrepancy between invoice and usual transaction patterns. 4. Pressing for quick settlement due to penalties. Protective Measures: - Verify any new payment instructions directly with vendor contacts. - Scrutinise invoices for accuracy and consistency. - Adopt digital tools to check invoice authenticity. - Regularly update and cross-check bank details on record. If Victimised: - Contact your bank for payment recall. - File a case at cybercrime.gov.in or by calling 1930. - Notify your vendors immediately to prevent repeat abuse. Related Scams: - Business documentation forgery - E-commerce B2B invoice fraud

How This Scam Works — Detailed Explanation

Forged Invoice and Payment Diversion Fraud primarily targets companies in India, often beginning with the leaking of sensitive information about past transactions. Scammers might hack into email accounts of legitimate vendors or use phishing techniques to acquire sensitive details. They frequently take advantage of platforms like WhatsApp or email communication to reach out to unsuspecting employees of organizations. By crafting invoices that include exact branding and references to legitimate past dealings, scammers create a facade of authenticity that deceives their victims. Often, they utilize old transaction data that they have retrieved through nefarious means, giving the impression that they are trustworthy suppliers.

In their approach, the criminals employ specific psychological tactics to manipulate their victims. They may create a sense of urgency by warning of penalties for delayed payments or threatening issues concerning clearance processes. This urgency reduces the timeframe for decision-making, prompting employees to bypass standard verification steps. Moreover, invoices often contain familiar logos and styles, making them look official. Under pressure, several employees skip crucial checks, including verifying bank details against previous transactions, thus falling prey to these scams. The sophistication of communication can be overwhelming, making it hard for even experienced professionals to suspect foul play.

Once the victim company receives the forged invoice, the immediate step is often initiating a payment transfer. The invoice will request payment to what appears to be the vendor's bank account but is actually controlled by the scammer. For instance, a recent case involved an Indian startup that transferred ₹2 crore to a fraudulent account after receiving an email invoice that seemed to come from a familiar supplier. Following the payment, victims often experience an initial moment of relief, believing they have completed a routine transaction. However, within days, genuine suppliers contact them inquiring about unpaid invoices, revealing the deception and prompting distress, as the funds disappear into unknown channels.

The real-world impact of such scams can be staggering. According to various reports, Indian businesses collectively lost about ₹80 crore in 2022 due to different invoice-related scams. Authorities, including the Ministry of Home Affairs (MHA) and the Reserve Bank of India (RBI), have issued guidelines to help businesses better recognize and respond to these threats. CERT-In has also made advisories concerning cybersecurity measures that companies should adopt to protect themselves. Beyond financial impacts, the reputation of the affected companies often suffers due to associations with fraud, leading to lost customers, distrust, and decreased future business opportunities.

Spotting a forged invoice amid legitimate communications can be challenging but is critical. First, watch for inconsistencies in payment requests, such as a sudden change in bank details or unusual urgency in payment timelines. Grammar and spelling errors often signal a scam; professional invoices typically lack such mistakes. Furthermore, ensure that any requests for payment align with established payment patterns. Always confirm transactions with known contacts through verified channels, rather than through links or numbers provided in suspicious emails or messages. Taking these steps significantly lowers the risk of falling victim to this type of fraud.

Visual Intelligence:

BharatSecure's AI has identified this as a used in scams targeting Indian users.

Who Does Forged Invoice and Payment Diversion Fraud Target?

General public across India

Red Flags — How to Identify Forged Invoice and Payment Diversion Fraud

• Invoice with new bank details
• Frequent spelling/grammar mistakes
• Payment urgency for penalties or clearance
• Inconsistencies in usual transaction data

What To Do If You Encounter Forged Invoice and Payment Diversion Fraud

1. Report any suspicious invoice immediately to the cybercrime helpline 1930 or visit cybercrime.gov.in.
2. Contact your bank directly using authorized helpline numbers to report unauthorized transactions (SBI: 1800-11-1109, HDFC: 1800-202-6161).
3. Verify invoices through established communication channels with the vendor before processing payments.
4. Implement dual authorization for payment transactions, requiring approval from multiple personnel.
5. Educate your employees about the signs of forged invoices and hold regular training sessions on cybersecurity.
6. Monitor your financial accounts regularly for any unusual transactions and report them promptly.

How to Report Forged Invoice and Payment Diversion Fraud in India

• Call 1930 — National Cyber Crime Helpline (24x7)
• File a complaint at cybercrime.gov.in
• Contact your bank immediately if money was lost
• Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What to do if I received a forged invoice and made a payment?

Immediately contact your bank using their helpline number to stop the payment if possible. Then report the incident at cybercrime.gov.in or call 1930 for assistance.

How can I identify if an invoice is forged?

Look for discrepancies in bank details or payment urgency, spelling mistakes, and requests that are inconsistent with past transactions.

How to report forged invoice scams in India?

You can report these scams by calling 1930, visiting cybercrime.gov.in, and also informing your bank to avoid further losses.

What steps can I take to recover money lost in a forged invoice scam?

Contact your bank immediately to see if they can reverse the transaction, and report the matter to 1930 for further investigation. Maintain all records and communications related to the fraud.

Verify Any Suspicious Message

Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.