Vendor Payment Change Scam: A Real-World Example for Businesses
A vendor payment change scam can look like a normal business request. That is why it can be so dangerous for companies, nonprofits, schools, and local organizations.
How a payment change scam can happen
An employee receives an email that appears to come from a real vendor. The message says the vendor has changed banks and future payments should go to a new account.
The email may include a familiar invoice, company name, and signature. It may even come from a compromised vendor email account, which makes it harder to spot.
If the business updates payment information without a second verification step, money may be sent directly to the scammer’s account.
Warning signs to watch for
- A vendor suddenly changes bank information by email.
- The request is urgent or unusual.
- The email address is slightly different or the tone feels off.
- The vendor asks to avoid normal approval steps.
- Payment instructions change right before a large transfer.
What to do before you respond
- Do not change payment information based only on email.
- Call a known phone number already on file, not the number in the email.
- Require two-person approval for vendor banking changes.
- Document who verified the request and when.
- Read Vendor Invoice Scam Red Flags.
The simple rule to remember
If a message, call, website, letter, or ad makes you feel rushed, scared, excited, or pressured, slow down. Scammers want you to act before you verify. A real organization should allow you to hang up, close the message, and contact them through a trusted number or website.
Related GonePhishing articles
Protect yourself before the next message or call arrives
Scams work best when people feel rushed, scared, or embarrassed. GonePhishing helps people slow down, recognize warning signs, and build safer habits before money or personal information is lost.