Skip to main content

Businesses warned of payroll and invoicing fraud scams during busy Christmas and year end period

FraudSMART, the fraud awareness initiative of Banking & Payments Federation Ireland (BPFI), is warning Irish businesses to beware of increasing levels of payroll and invoicing scams which fraudsters will take advantage of in the busy lead into Christmas and year end.   


Head of Fraud Prevention at the BPFI, Olivia Buckley said: “December is a particularly busy period for many businesses with high volumes of transactions and payments being made to meet Christmas and year-end deadlines. Businesses need to be highly alert to fraudsters who are working to catch businesses off guard and defraud them by way of sophisticated scams.”


New payroll fraud scams 

“A new payroll fraud scam is on the rise, with fraudsters targeting HR and payroll departments to defraud employee wages and salaries. By hacking or accessing the email account of an employee, fraudsters can send what appear to be genuine emails to HR or payroll department requesting that wages or salaries be paid into a new bank account. FraudSMART is urging businesses to verify all such emails with their employees verbally in advance of making any changes to payroll details”, said Ms. Buckley. 


Christmas and year end invoice fraud 

FraudSMART is also warning businesses to be extra vigilant to invoicing fraud scams which may take advantage of the hectic Christmas trading and year-end period. Ms. Buckley said: “Invoice re-direction fraud sees businesses receive a request, usually by email, from a fraudster posing as one of their legitimate suppliers and advising that their bank accounts details have changed. Given the deadline and supply pressures which businesses are under at this time of year, employees may find themselves making changes to bank accounts details, without first checking by telephone with the suppliers. Invoice fraud emails play on appearing authentic and will mirror an email regularly received from a supplier, including logos and signoffs. If the business fails to check the source of the request all future payments from the business will unknowingly be sent to the fraudsters account.”

FraudSMART has issued the following advice in respect of these latest scams:

  • Have a verification process in place before changing saved bank account details of your employees, suppliers or service providers.
  • Verify the change by contacting the employee or a known contact of the supplier/service provider, use contact details held on record or a contact number on the supplier’s website. Do not to use the contact details on the email/letter requesting the change as these could be fraudulent.
  • Inform employees of this fraud so they are alert to it and can avoid it.

Speaking on today’s alert, Olivia Buckley, who leads BPFI’s FraudSMART programme said: “The payroll scam has emerged in recent months and is the latest evolution of a number of sophisticated email scams which businesses big and small are targeted with. We are aware of a number of cases to date where losses have been incurred and we are appealing to businesses to heed today’s warnings and put simple verification measures in place to prevent falling victim. We would in particular emphasize that small business can be a target of such scams. SME’s may not always consider themselves to be a target of financial fraud but unfortunately when they do fall victim they are disproportionally affected, and the impact can be devastating”.

FraudSMART has developed an information booklet ‘Protect Your Business from Fraud’ aimed specifically at the business community. This brochure is available to download on

FraudSMART is a fraud awareness initiative developed by Banking & Payments Federation Ireland (BPFI) in conjunction with AIB, Bank of Ireland, KBC Bank Ireland, PermanentTSB, Ulster Bank and An Post. The aims to raise consumer and business awareness of the latest financial fraud activity and trends and provide simple and impartial advice on how best they can protect themselves and their resources. 


For further information: 

Olivia Buckley, Head of Fraud Prevention, FraudSMART, BPFI, 087-6298113


Notes to Editors – Common frauds targeted at businesses 

Invoice Fraud
Using a spoofed email address, the fraudster emails a business pretending to be a supplier. The email will mirror an email they regularly receive from a supplier, including logos and signoffs. The email informs them that they have a new bank account and that all future payments should go to the new account. When the business receives the next legitimate invoice from the real supplier, they make a payment to the new bank account. Generally, it is only when the reminder to pay the invoice comes in that they realise what has happened. By then the fraudster has their money and it’s too late to recall the payment.  


CEO/ Executive Impersonation Fraud

CEO fraud is a scam in which fraudsters hack into the legitimate email of a CEO/Senior Executive and impersonate them sending an email to another employee in the business who deals with payments. They use malware to hack into the email and will monitor how the CEO/Senior Executive writes their emails, the tone and common phrases they use, and how they sign off an email. The fraudsters generally take an opportune moment when they know the CEO is out of the office, such as on annual leave, to send the mail telling the employee to pay money to a supplier and providing the account details to do so. This results in the funds being sent to the fraudsters account.  In some instances, it might not be a payment request but a request for personal information such as P30s or customer information.  


About BPFI:

Banking & Payments Federation Ireland (BPFI) represents the banking, payments and fintech sector in Ireland.  Together with its affiliates, the Federation of International Banks in Ireland and the Fintech & Payments Association of Ireland, BPFI has over 70 member institutions and associates, including licensed domestic and foreign banks and institutions operating in the financial marketplace here.