Scam script · Email / chat

Fake Invoice Business Email Scam Script

Emails impersonate a known supplier or service provider and send a realistic-looking invoice with changed bank details, causing businesses to pay thousands into a fraudster's account.

Last reviewed: 1 June 2026

Sanitized example messages

Illustrative, sanitized examples. Personal details are replaced with placeholders such as [phone number] and [fake link].

Please find attached invoice [number] for [amount] due [date]. Please note our banking details have changed. Please update your records and use the new details below for this and all future payments.

Hi [name], hope you are well. Quick admin note — we recently switched banks. The attached invoice should be paid to our new account: [fraudulent details]. Thanks for your continued business.

URGENT: Invoice [number] is now [number] days overdue. To avoid a late payment charge, please transfer [amount] to [fraudulent account] today. Remittance to [email].

Dear Finance Team, please process the attached invoice from [vendor]. Our new payment account details are listed on page 2. Please update your supplier records accordingly.

What the scammer wants

To intercept a legitimate business payment by convincing accounts-payable staff that a supplier has changed their bank details, redirecting the transfer to a mule account.

Red flags in the message

Notification that bank account details have changed, sent by email only
Slightly different email domain to the genuine supplier
Pressure to update records and pay quickly
No independent phone call to the supplier to verify the change
Invoice amount slightly different from expected

A safe response

Call the supplier using a phone number from your own records — not one in the email — to verify any change of bank details before updating your records or making payment.

What not to send

Payment to new bank details without verbal verification
Confirmation of account details by reply email
Payment ahead of the due date under pressure

What to do if you already replied

Call your bank immediately to attempt to recall the transfer
Inform your supplier so they can warn other clients
Report to Action Fraud or the FBI IC3 and preserve all emails

Evidence to preserve

Screenshot the full message or call details
Note the sender number, email, or profile
Save any links (without clicking) and payment details
Record dates and times

Sanitized example messages

Illustrative, sanitized examples. Personal details are replaced with placeholders such as [phone number] and [fake link].

Please find attached invoice [number] for [amount] due [date]. Please note our banking details have changed. Please update your records and use the new details below for this and all future payments.

Hi [name], hope you are well. Quick admin note — we recently switched banks. The attached invoice should be paid to our new account: [fraudulent details]. Thanks for your continued business.

URGENT: Invoice [number] is now [number] days overdue. To avoid a late payment charge, please transfer [amount] to [fraudulent account] today. Remittance to [email].

Dear Finance Team, please process the attached invoice from [vendor]. Our new payment account details are listed on page 2. Please update your supplier records accordingly.