2 min read
How the fraud works
A fraudster emails your accounts team, impersonating a genuine supplier, and says their bank details have changed. Your next payment goes to the scammer. It often follows a compromised or spoofed email account, and the invoices look convincing.
The controls that stop it
Never change supplier bank details on an email alone. Call the supplier on a number you already have on file, not one in the email. Require two people to approve any bank-detail change or large payment. A protected cash position and a cash buffer soften the blow if one slips through.
What it means for you
Credicorp lends to your company, not to you personally, and takes no personal guarantee. See business loans or apply online.
Frequently asked questions
How do fraudsters get supplier details right?
They often compromise or spoof a real email account, so the request looks authentic. That is why verification must happen on a separate, known channel.
What single control helps most?
Call-back verification on a trusted number for any change of bank details, combined with two-person approval for payments.
Related reading

How do I protect my business from a bad debt?
Reduce bad-debt risk by checking customers before extending credit, setting firm terms, chasing early, and…
Read →
What is authorised push payment (APP) fraud?
APP fraud is where you are tricked into authorising a payment to a scammer yourself — because you approved…
Read →
How do I reduce payment fraud in my business?
Dual authorisation, call-back verification of new payees, and clear limits on who can move money block most…
Read →
A customer is disputing a large invoice and withholding payment — how do I cope with the cash gap?
A disputed invoice can freeze a large receipt for weeks; a short facility covers the gap so a single dispute…
Read →Funding for UK limited companies
Credicorp lends to your company, not to you personally — short-term working capital with no personal guarantee. See what your business could access.