What is it?

These scams happen when criminals pose as a regular supplier and persuade you to change the bank account details you hold on file. You’re then tricked into sending money to the account which is controlled by a criminal rather than the genuine supplier.

Criminals carry out extensive research about your business to find out who your suppliers are and when regular payments are due. These scams often involve a criminal intercepting emails, gaining access to your supplier’s email account or spoofing their emails.

The fraud is often only discovered when the legitimate supplier of the product or service chases for non-payment. At that point recovery of the funds from the fraudulent account is very difficult.

How to spot an invoice and mandate scam?

  1. You receive a request out of the blue to change the bank details of an existing supplier
  2. You receive more frequent than usual or duplicate invoices for a product or service

Example of an invoice and mandate scam

Ahmed*, a finance manager at a marketing agency, received an invoice for £1,350 from a software company to renew the business’s subscription. The email stated that the invoice was 90 days overdue and immediate payment was required to avoid cancellation. The software was business critical.

Ahmed had several deadlines approaching. With several team members away, he was overstretched and working late most days. Without confirming the bank details with the company, he immediately logged onto his business’s online banking and proceeded to pay the outstanding invoice using the account details provided in the email.

A couple of weeks later, Ahmed received another email from the software company requesting payment for the business’s subscription renewal. Confused he then checked the bank statement and could see he’d made the payment.

Ahmed checked the bank details for XY software stated in previous invoices against those he’d made payment to and realised they were different. He had just lost the business £1,350 due to his carelessness.

*Case studies are based on insights from partners

If you believe you’ve fallen for a scam, contact your bank immediately on a number you know to be correct, such as the one listed on your statement, their website or on the back of your debit or credit card.

Report it to Action Fraud on 0300 123 2040 or via actionfraud.police.uk. If you are in Scotland, please report to Police Scotland directly by calling 101 or Advice Direct Scotland on 0808 164 6000.

Always remember

Confirm supplier bank details directly with suppliers using their established on-file details before any payments are made


Make sure you don’t step outside your usual payment method even if it’s urgent


When paying a supplier for the first time, transfer a small amount first and check payment has been received directly by the company


Where possible, send remittance advices to suppliers once an invoice has been paid


Ensure that all staff who process supplier invoices or can change bank details check for irregularities in supplier details including changes to supplier names and addresses and changes to invoiced amounts


Be careful with the type of information you share online about your business


Check your business’s bank statements carefully. All suspicious debits should be reported to your bank immediately


If you have visited a website you think is suspicious you can report it to the National Cyber Security Centre.

Scam warning: Criminals may purport to be from Take Five, using our official branding on websites, social media posts, literature, on the phone or by text. Take Five doesn’t provide endorsement or approval for any products/services and would never call or text anyone.