islegit.email

How to spot a fake invoice before you pay it

Paying an invoice feels routine. That's exactly why invoice fraud works so well. Sometimes it's a completely fake bill for something you never ordered. Sometimes it's a real invoice with one thing changed: the bank account number. That second kind is the dangerous one, because everything else looks right.

This hits individuals, freelancers and small businesses alike. A quick look before you pay saves a lot.

What a fake invoice looks like

A made-up example of a changed bank account (seeded, not a real invoice):

From: accounts@your-supplier-billing.com Subject: Reminder: outstanding invoice 2024-0391

Dear Sir/Madam,

Please find our outstanding invoice attached. Note: our bank details have changed. Kindly transfer £1,480.00 within 5 days to GB00 BANK 0123 4567 89.

Kind regards, Accounts team

The attached PDF looks professional. The logo might even be right. But the account number belongs to the scammer, and the email comes from a not-quite-right address.

The tells that give it away

  1. "Our bank details have changed." This is the number-one red flag in invoice fraud. Call the supplier on a number you look up yourself (not one from the email) and confirm.
  2. The sender address is slightly off. A look-alike domain, an extra word, or a free email account for a "company".
  3. An invoice for something you don't recognise. No order, no quote, no prior contact, but a bill arrives.
  4. Pressure and threats. "Within 5 days", "or it goes to collections", "or extra fees apply".
  5. Small inconsistencies. A different logo than usual, a sloppy greeting, or totals and tax that don't add up.

What to do

  • Don't pay straight away. A genuine invoice can wait. Take the time to check.
  • Verify the bank details using contact information you find yourself, not the details printed on the invoice.
  • Compare with earlier invoices from the same party: different account number or sender address? Stop.
  • Not sure? Forward the invoice (email or PDF) to check@islegit.email and get a free verdict in under a minute.

What NOT to do

  • Don't pay "to avoid hassle".
  • Don't copy the changed account number without confirming it.
  • Don't call the phone number printed on the invoice to "check" (it may be the scammer's too).

If you already paid

Call your bank immediately and ask whether the payment can be recalled, the sooner, the better the odds. Warn your supplier or customer. Report it to your country's fraud service (in the Netherlands, the Fraudehelpdesk on 0800-2117) and to the police. If you paid for a business, tell your bookkeeper or employer right away.

Still not sure about an email? Forward it to check@islegit.email and get a clear verdict in under a minute.

Check an email

This is a safety aid, not a guarantee. We don't store your emails, and personal details are stripped before anything looks at them.

Read next:

Frequently asked

What is a fake invoice scam?

A bill that looks legitimate but is either for something you never bought, or a real invoice altered to send your payment to the scammer's account.

How do I know if changed bank details are fraud?

A genuine supplier rarely changes its account number out of the blue, and never with urgency in a loose email. Always confirm by calling a number you look up yourself.

Should I pay if I'm unsure about an invoice?

No. A real invoice can wait until you've checked it. Pressure to pay quickly is itself a warning sign.

Where do I report invoice fraud?

To your local fraud or anti-scam service and the police. You can also forward the invoice to us to confirm whether it's a scam.