In a troubling trend sweeping across the business landscape, cyber criminals are turning to invoice fraud in order to target small and medium-sized businesses. 
 
These invoice fraud attacks involve customized, fraudulent invoices that appear to come from legitimate suppliers, complete with convincing mentions of new import fees, which were allegedly incurred during the shipping process.  
 
How the Scam Works 
 
The fraudulent invoices are designed to mimic communications from trusted vendors, rendering detection particularly challenging.

Another Version of This Scam

Arguably, the most frightening version of these types of scams involves both digital fraud and in-person social engineering.

As an example, yesterday, an employee may have received a package from a domestic delivery company. Today, a scammer might appear at the business's door and insist that the recipient did not pay a tariff on the package.

"Here's the receipt. Please provide tariff reimbursement," they may say.

It's a scam.

In some cases, cyber criminals are able to reference legitimate orders, enhancing the seeming credibility of the scams.  The scammers insist that unexpected regulatory changes or customs requirements have led to the additional fees.  
 
Because global shipping regulations and tariffs do change regularly, these claims may appear legitimate to email recipients. Think employees in a busy accounting department.  
 
Attack Impact 
 
The financial impact of these attacks can be devastating. The average loss from invoice phishing fraud exceeds $1M per year. 
 
Outside of the direct financial loss, these scams can damage supplier relationships and disrupt cash flow at critical moments.   
 
Smart Tips for Business Owners 

Businesses are encouraged to implement several protective measures. These include establishing strict verification protocols in reference to any changes in payment information, implementing dual-control authorization for payments above certain thresholds, and maintaining open communication channels with suppliers in regard to billing practices.  

Businesses should also train employees to look for red flags. Educate employees about these types of scams and let them know to look out for any unexpected fee increases, sudden changes to payment instructions and unusual urgency in payment requests. 
 
Further, implementing the right technology is a must. Many enterprises are turning to specialized email security platforms that can detect suspicious communications and flag potential fraud attempts before they reach employee inboxes.  

Protecting Your Business with Harmony Email & Collaboration 

Check Point’s Harmony Email & Collaboration offers a comprehensive solution that’s designed to protect businesses from sophisticated fraud attempts, like customized invoice fraud.  
 
The platform combines advanced threat prevention with seamless collaboration tools, creating a secure communication environment.  
 
Harmony’s AI-powered fraud detection technology can identify suspicious invoices and can flag potential scams before they reach business units; even after messages have been personalized extensively and carefully veiled.

The Harmony Email & Collaboration system analyzes communication patterns, verifies sender authenticity and automatically quarantines suspicious messages for review.  
 
As invoice fraud continues to evolve, having an intelligent, AI-powered system, like Harmony Email & Collaboration, isn’t just a technological investment – it offers peace of mind and manages your risk.  

Reach out to your local Check Point representative to learn more or get a demo here