Bilal came to us for help following a complaint about a scam. He thought he was paying a supplier but instead had paid a fraudster who had accessed the supplier’s email account and intercepted the email chain with Bilal. Find out what happened and what we said.
What happened
Bilal is the director of a company. He has several regular suppliers which he pays quarterly. He received an invoice via email from one of those suppliers. The amount and the details he needed to pay were all as expected. A few minutes later he received a second email – seemingly from the supplier – instructing him to pay a different bank account and claiming the usual account was being ‘audited’ and couldn’t receive payments.
Bilal made a payment of £12,000 to the new account details. A few days later, the supplier got in touch asking why the payment hadn’t been made. It was revealed that Bilal hadn’t paid the supplier but a fraudster who had accessed the supplier's email account and intercepted the email chain with Bilal.
Looking back at the second email, Bilal did notice there were some small differences in the way the fraudster and one or two spelling errors, but he also noted that the email had actually come from the supplier’s email address.
Bilal’s bank said he hadn’t done enough checks before making the payment and had also ignored a scam warning during the payment process, so it declined to refund the payment.
What we said
We acknowledged there were slight differences between the genuine and fraudulent correspondence – but didn’t think this would have been apparent without a fairly careful inspection of the emails.
Though there were further checks Bilal might have carried out before making the payment (such as confirming the account details over the phone), we didn’t think that his failure to carry them out meant he lacked a reasonable basis for belief in making the payment.
We also didn’t think the scam warning the bank provided – in line with the requirements of the CRM Code – did enough to explain how a scam like this works, what it would look and feel like to the victim or what steps they could take to avoid falling for it.
Overall, we thought the bank hadn’t acted fairly in refusing Bilal’s claim and we asked it to refund him in full.
Some ways to help protect yourself against an invoice intercept scam
- ALWAYS confirm or check account details in person or on a trusted phone number, especially if they’ve recently changed.
- If an email doesn’t look or sound like you expect, or that it came from the sender, then treat it with caution. But be aware that fraudsters sometimes monitor email correspondence for some time and can be very good at impersonating communication styles and using personal information to make correspondence more believable.
- Fraudsters can impersonate people you know in lots of ways, not just over email. If you receive a request from someone you know that involves sending or receiving money, then ALWAYS double-check it came from them, using another communication method.