Supplier impersonation
Fraud in which a criminal poses as a known supplier, by email, letter or altered invoice, to redirect payment or extract sensitive account information.
Supplier impersonation is fraud in which a criminal poses as a known supplier, by email, letter or an altered invoice, to redirect payment or extract sensitive account information. It relies on the existing trust between a buyer and a supplier rather than breaking into any system.
The impersonation can be crude or sophisticated, from a lookalike email domain to a faithful copy of a real supplier's invoice template. What makes it effective is context: the buyer is expecting an invoice from this supplier, so a fraudulent one does not raise suspicion.
Confirming the supplier's identity and bank details independently, rather than from the contact details on the suspicious message, is what breaks the deception.