Invoice Ivy
One small change. One big payday.
THREAT TYPE
THREAT LEVEL
Invoice Ivy is the slickest pen in the frontier, slipping into real conversations right when you’re busiest. She doesn’t kick the door in. She waits for the perfect moment, swaps the bank details, and lets your own trust do the heavy lifting. One “quick update” later and your hard-earned money rides off into the dust.
Invoice fraud usually happens when scammers intercept or mimic a genuine supplier, contractor, or client email thread. They then send a believable message claiming the bank details have changed, often timed right before a payment is due. Because the email looks familiar, people pay the invoice as normal, but the money goes to the scammer’s account instead of the real business. Sometimes the scammer has accessed a mailbox, other times they are simply impersonating it very convincingly.
REWARD
25,000
Ranger’s Rules for Riding Safe Online
-Verify bank detail changes using a trusted method (call the supplier using a number you already have, not the one in the email).
-Treat “urgent payment” emails as a red flag, especially if details have changed at the last minute.
-Check the sender email carefully for subtle changes (extra letters, swapped domains, odd reply-to addresses).
-Use a two-person check for payments over a set amount, even if it’s just a quick verbal confirmation.
-Save known bank details securely and compare every invoice against the saved version before paying.
