Welcome to 2022, where everything has gone digital. Along with ordering girl scout cookies, marketing your business, and writing elegant love letters, paying invoices by check now happens online. To avoid those credit card processing fees, many businesses now both accept and prefer to receive payments via bank transfer, also commonly known as an EFT (Electronic Funds Transfer).
Many invoice management programs such as QuickBooks make EFT payments extremely convenient for the payer as well as the recipient. The days of nervously loading the check into the printer and then sheepishly shredding it afterward, are gone. After entering just the Routing and Account number, bills can be paid with the click of a mouse.
Incredibly convenient? Yes. Perfect for scammers? A million times, yes.
The scam goes like this: you receive an email from the invoicing department at one of your trusted vendors. This may be someone you correspond with regularly, and with whom you have shared a delightful history of successful payments. This person, with their familiar email signature, the same set of contact information, links, and inspirational quotes, will have a simple request for you.
It may look like this:
“[Vendor Name] recently modified and upgraded its banking relationship. As part of this upgrade, we appreciate your assistance to direct your payments to a new banking information. We appreciate your cooperation in making this change to your records. Please advise so I can send you the new updated banking information. We would prefer ACH and wire payments in lieu of paper checks. (p.s.: There is an ongoing new year 10% discount on all outstanding payments made via EFT.)”
“No problem,” you think. Bank accounts change in the normal course of business, and since this change is now incredibly easy to make, we’ll just do it right now before our next meeting. We’ll also get those last few invoices paid so we can take advantage of that 10 percent discount! Easy, and done.
But there’s a catch.
As with all scams, catching it early is better than catching it late, but the only guaranteed way to keep your money is to catch it before it even happens.
It wasn’t your trusted vendor. If you look closely, that email address that usually ends in “.co” ended in “.com” this time. Or maybe the number that usually appears as a “1” was written as a “one.” But who has the details of every vendor’s email address memorized? Isn’t that what auto-complete is for?
Their tone was a little different, too. Not the obviously broken-English with the random capitalizations, missing punctuation, and exorbitant order requests that we’re accustomed to finding in our Spam folders. It was still conversational, but a little different, nonetheless.
A few weeks later, the real, trusted vendor reaches out regarding that unpaid invoice. The one that was, wait a minute, already paid … right? To that new bank account and routing number that you emailed to me, right? At least, I thought it was you? Ruh-roh.
By then, it’s too late.
As with all scams, catching it early is better than catching it late, but the only guaranteed way to keep your money is to catch it before it even happens. Prevention is key, and here are a few tips to avoid becoming another case study:
Most importantly, trust your instincts. Sometimes emails just don’t seem right. If you have any doubts at all, get out that magnifying glass, trench coat, and notepad, and start investigating!
To report a scam, or for more information visit: How to Report Fraud, by the Federal Trade Commission, at reportfraud.ftc.gov.
Christine Mealy is a support services coordinator at YellowDog, Denver’s award-winning print and design studio. In her seven years of managing the general company inbox, she has seen it all. With a knack for recognizing spam, scams, and other nefarious emails, she especially enjoys crafting scathing replies and fooling them right back.