Fake vendor and outsourced staff scams are designed to exploit everyday business processes, from paying invoices to hiring contractors. By appearing legitimate, scammers can trick employees into sending payments, sharing data, or granting system access.
1. Fake Vendors
Scammers create completely fabricated businesses and send invoices for products or services that were never ordered or delivered. These scams are designed to appear as legitimate business suppliers, but they are entirely fake entities created to steal payments.
2. Vendor Impersonation
Fraudsters pose as legitimate vendors your business already works with. They may request updated payment information or ask for invoices to be paid to a different account. In many cases, the goal is to redirect funds during normal business operations without raising suspicion. Vendor impersonation is just one of several scams that can put small businesses at risk.
3. Fraudulent Outsourced Staff or Contractors
Scammers pretend to be IT support personnel, consultants, or contractors to gain access to systems, collect sensitive information, or request upfront payments. This type of scam specifically targets hiring and onboarding processes to gain access under the appearance of legitimate work.
The goal of these scams is to redirect payments, steal business data, or gain unauthorized access to company systems.
Common Scam Tactics
1. Impersonation and Payment Change Requests
One of the most common tactics involves emails requesting “updated banking details” for ACH or wire payments.
2. Compromised Vendor Accounts
Some scammers gain access to legitimate vendor’s email accounts and use it to send realistic-looking payment requests.
3. Fake Invoices:
Businesses may receive invoices from vendors they do not recognize, often with professional formatting designed to appear legitimate.
4. Fake Contractors or Freelance
Individuals may pose as outsourced staff, consultants, or service providers. Once trusted, they may request upfront payment or attempt to gain access to business systems.
Red Flags to Watch For
- Sudden changes in payment instructions
- Urgent or last-minute invoice requests
- Email domains that are slightly altered
- Requests that bypass normal approval processes
- New vendors without proper onboarding documentation
A Common Scam
A business receives an email from a “vendor” requesting updated ACH payment information. The email appears legitimate, so an employee updates the payment details without verifying the request.
The next payment is sent, but the funds are redirected to the scammer’s account. Later, the real vendor follows up regarding the missing payment.
How to Protect Your Business
- Implement dual approval processes
- Maintain an approved vendor list
- Train employees
- Limit system access
- Regularly audit vendor activity
Quick action can help reduce financial losses and present additional fraud. Contact your bank immediately to attempt to stop or recover funds.