Try it now, capture a real invoice
Free plan · No credit card · Your data stays yours
Invoice fraud is any scheme that uses a fake, altered, or duplicated bill to trick a company into sending money where it should not go. The most common examples are fictitious vendors, business email compromise where a criminal changes a supplier's bank details, duplicate invoices, inflated or padded bills, internal shell-company billing schemes, subscription and advance-fee scams, and pass-through kickback arrangements. Each one exploits the same weak spot: an accounts payable process that pays on the invoice alone, without independently confirming the vendor, the goods, and the bank account.
Payment fraud is widespread. Surveys of finance professionals consistently find that a large majority of organizations, roughly four in five in recent industry reporting, faced attempted or actual payments fraud in the prior year, and business email compromise alone accounts for billions in reported losses annually according to the FBI. Below are seven concrete invoice fraud examples, the red flag for each, and the control that stops it.
What is an example of invoice fraud?
A classic example of invoice fraud is a criminal emailing your accounts payable team, posing as a known supplier, saying their bank account has changed and asking that the next payment go to a new account. AP updates the vendor record and pays as normal, but the money lands in the fraudster's account instead of the supplier's. The invoice itself looks legitimate because the goods or services were real; only the destination was changed. This bank-detail swap, a form of business email compromise, is one of the costliest and fastest-growing invoice frauds today.
7 invoice fraud examples
1. The fictitious vendor
A fraudster, often an insider, sets up a fake supplier in your vendor master and submits invoices for goods or services that were never delivered. Because a real vendor record exists, the bills sail through. Red flag: a new vendor with a PO box address, no website, invoice numbers that always increment by one, and amounts kept just under an approval threshold. Control: verify and approve every new vendor before the first payment, and review the vendor master for duplicates and gaps.
2. Business email compromise (bank-detail change)
A criminal spoofs or hacks a supplier's email and requests that payment be redirected to a new bank account. Red flag: an urgent change-of-bank request, a slightly misspelled email domain, and pressure to pay before a deadline. Control: confirm any banking change by calling the vendor on a known phone number, never one from the request email, and require dual approval for vendor bank edits.
3. The duplicate invoice
The same invoice is submitted twice, sometimes with a tiny change like a different date or a trailing letter on the invoice number, and gets paid twice. This is often an honest error rather than malice, but it drains cash either way. Red flag: two invoices with the same amount and vendor close together, or the same invoice number with a minor variation. Control: automated duplicate detection that catches exact and fuzzy matches before payment. See how to find duplicate invoices.
4. The inflated or padded invoice
A real vendor bills for more than was delivered: higher quantities, higher unit prices, or line items for goods never received. Red flag: an invoice total that does not match the purchase order or the goods receipt. Control: three-way matching that compares the invoice to the PO and the receiving record and flags any variance for review.
5. The internal billing (shell company) scheme
An employee creates a shell company and submits invoices to their own employer for fake services. This is one of the most common and costly occupational frauds, and it can run for years when one person controls both vendor setup and approval. Red flag: a vendor whose only contact is an employee, invoices with vague descriptions, and payments approved by the person who set the vendor up. Control: segregation of duties so no single person can create a vendor and approve its payments.
6. The subscription or advance-fee scam
Your company receives an official-looking invoice for office supplies, a directory listing, or a domain renewal you never ordered, hoping AP pays on autopilot. Red flag: a bill with no matching purchase order, no internal requester, and a vendor no one recognizes. Control: never pay an invoice without a verified requester and, for anything material, a matching PO.
7. The pass-through or kickback scheme
An insider routes purchases through a middleman vendor that marks up the price, then splits the overcharge. Red flag: a new intermediary vendor between you and a supplier you used to pay directly, and prices higher than market. Control: periodic spend analysis and vendor audits to spot unnecessary intermediaries and price creep.
Invoice fraud examples at a glance
| Scheme | How it works | Key red flag |
|---|---|---|
| Fictitious vendor | Fake supplier billed for nothing delivered | New vendor, PO box, just-under-threshold amounts |
| Business email compromise | Payment redirected to a fraudster's bank | Urgent bank-detail change by email |
| Duplicate invoice | Same bill paid twice | Repeated amount or near-identical invoice number |
| Inflated invoice | Billed for more than delivered | Total does not match PO or receipt |
| Shell company | Insider bills employer for fake services | Vendor tied to one employee, vague descriptions |
| Subscription scam | Unordered official-looking bill | No PO, no requester, unknown vendor |
| Pass-through kickback | Marked-up middleman vendor | New intermediary, above-market prices |
How do you detect invoice fraud?
You detect invoice fraud by verifying three things on every payment that a fraudulent invoice cannot fake all at once: the vendor is real and approved, the goods or services were actually received, and the bank account belongs to that vendor. In practice that means approving new vendors before the first payment, running three-way matching against the purchase order and goods receipt, confirming any bank-detail change by phone, and screening for duplicates. Software helps by scoring every invoice against these checks automatically and holding anything suspicious for review. One of the strongest structural controls is to match every invoice to an approved purchase order before it can be paid, which stops fictitious, inflated, and unordered bills at the gate.
What is the most common type of invoice fraud?
Business email compromise, especially the bank-account-change variant, is among the most common and most damaging types of invoice fraud, because it targets legitimate payments and is hard to spot when the underlying goods were real. Duplicate payments and fictitious-vendor schemes are also very common, though duplicates are often error rather than deliberate fraud. Whichever hits first, the defense is the same: independent verification of vendor, goods, and bank account before money moves.
How automation reduces invoice fraud
Most invoice fraud succeeds because a busy AP team pays on the invoice alone. Automation closes that gap by checking every bill the moment it arrives: it flags duplicate invoice numbers, watches for changes to vendor bank details, matches invoices to purchase orders and receipts, and holds exceptions for a human to review. It does not replace judgment, but it makes sure no invoice reaches payment without passing the checks a fraudster is counting on you to skip. To see how those controls work as a product, explore invoice fraud detection software, and for the wider control framework read accounts payable fraud prevention.
Frequently asked questions
What is invoice fraud?
Invoice fraud is any scheme that uses a fake, altered, or duplicated invoice to trick a company into paying money it should not. It includes fictitious vendors, redirected bank details, duplicate bills, inflated charges, and internal shell-company schemes. The common thread is a payment made without independently verifying the vendor, the goods, and the destination account.
How can I tell if an invoice is fake?
Check whether the vendor is set up and approved in your system, whether there is a matching purchase order and goods receipt, and whether the bank details match what you have on file. Warning signs include urgent payment pressure, a recent change of bank account, a slightly misspelled email domain, vague line items, and amounts kept just under an approval limit. Confirm anything suspicious by calling the vendor on a known number.
What is the difference between invoice fraud and a duplicate payment?
Invoice fraud is deliberate deception to steal money, while a duplicate payment is usually an honest error where the same bill is paid twice. Both cost the company, and both are caught by similar controls, but only fraud involves intent. Duplicate detection and three-way matching help prevent each.
Who commits invoice fraud?
Invoice fraud is committed by outsiders, such as criminals running business email compromise scams, and by insiders, such as employees who set up shell companies or fictitious vendors. Insider schemes tend to run longer and cost more because the person understands the controls. Segregation of duties and vendor verification defend against both.
How do you prevent invoice fraud?
Prevent invoice fraud by approving new vendors before the first payment, confirming bank-detail changes by phone, requiring three-way matching against the PO and receipt, separating who sets up vendors from who approves payments, and screening every invoice for duplicates. Automating these checks means every bill is verified before payment rather than after.
For more on protecting your payables, see accounts payable internal controls, how to catch duplicate invoice payments, and the role of three-way matching in stopping fraud before you pay.