Under attack: How AP leaders can stop phony bank account change requests

GlobalData

Wed, December 10, 2025 astatine 6:54 AM CST 8 min read

The frequency, sophistication, and fiscal interaction of outgo fraud are accelerating astatine an unprecedented pace. According to the 2025 AFP Payments Fraud and Control Survey, 71% of organisations were targeted by outgo fraud past year, and much than one-third of those attacks progressive phony slope relationship alteration requests.

While cybersecurity teams absorption connected firewalls and phishing filters, AP departments are targeted done a overmuch simpler vulnerability: trust.

This nonfiction explores however today’s fraudsters operate, wherefore accepted controls autumn short, and what champion practices and technologies tin assistance AP leaders safeguard their organisations from devastating losses.

The hazard of outgo fraud isn’t conscionable higher, it’s accelerating.

The FBI’s Internet Crime Complaint Center reported much than $3bn successful concern email compromise (BEC) losses successful 2024, a astir 20% summation from the anterior year.

Several factors are driving this surge:

• Dependence connected email. Nearly 90% of invoice and outgo communications inactive travel done unsecured email channels, creating endless opportunities for spoofing.

• More blase criminals. Today’s fraudsters usage AI-generated text, cloned logos, and adjacent deepfake audio to make convincing fake requests.

• Data breaches. Stolen information fuels targeted attacks, giving scammers everything they request to impersonate existent suppliers.

• Weak oregon inconsistent controls. Many organizations inactive trust connected manual verification oregon decentralised onboarding.

• Limited unit training. According to PwC’s 2025 Global Economic Crime Survey, less than 1 successful 3 concern employees person regular anti-fraud education.

The result: AP teams look a regular balancing enactment betwixt ratio and vigilance, and criminals are exploiting that tension.

Across industries, 5 schemes predominate today’s AP fraud landscape. Each exploits the anemic points successful manual AP processes and quality oversight.

1. Insider fraud exploiting manual processes. Employees with entree to vendor information tin manipulate slope details oregon make fake suppliers erstwhile there’s nary audit trail. The Association of Certified Fraud Examiners (ACFE) estimates median losses from billing fraud astatine $140,000 per incident.

2. Duplicate and altered invoices. Fraudsters resubmit morganatic invoices with tiny tweaks, specified arsenic a caller number, a somewhat antithetic date, oregon a changed slope account, counting connected overworked unit to miss the differences.

3. Phishing and BEC. Attackers impersonate suppliers oregon executives utilizing lookalike domains. The FBI attributes much than $14bn successful cumulative losses to BEC scams successful the past 5 years, and AP remains 1 of the astir communal targets.

4. AI-generated fraud techniques. Deep-fake dependable calls and synthetic invoices created with AI marque fraud attempts harder to detect. These scams exploit AP’s earthy inclination to spot acquainted voices and papers formats.

5. Phony slope relationship alteration requests. The fastest-growing threat. Fraudsters airs arsenic morganatic suppliers and inquire AP to “update” their banking details. Without autarkic verification, payments are rerouted to transgression accounts. AFP reports a 43% summation successful these attacks implicit conscionable 2 years, with idiosyncratic losses often reaching six oregon 7 figures.