Columbia County sheriff's investigators are warning local businesses after electronic scammers stole approximately $150,000 through a series of fraudulent transactions targeting multiple companies in the area.
The losses resulted from employees being deceived into believing they were handling legitimate payments or vendor instructions, causing substantial financial harm and operational disruption once the missing funds were discovered.
The wrongdoers reportedly relied on tactics such as spoofed email addresses, cloned or manipulated invoices, and falsified electronic payment instructions that closely mimicked genuine communications from trusted vendors or internal leaders.
By inserting themselves into ongoing business email conversations and altering account information for wire or ACH transfers, they diverted funds into accounts they controlled before victims realized the transfers had been misdirected.
Investigators emphasize that these scams often exploit small lapses in verification, such as failing to confirm a change in payment information by phone or relying solely on email to approve high?dollar transfers.
Authorities are urging businesses to implement multi-step verification for financial transactions. Train staff to recognize common red flags of business email compromise and promptly report suspicious activity to improve the chances of tracing or recovering stolen funds.
Source: https://www.augustachronicle.com/story/news/crime/2025/10/28/columbia-county-businesses-lose-150000-to-electronic-scammers-cyber-crime-theft-fraud-larceny/86934988007/
Commentary
Invoice fraud is a form of social engineering that exploits busy accounts payable teams who trust what looks familiar instead of confirming what is real.
Common warning signs begin with the vendor identity. A fake invoice may come from a vendor the organization has never used, from a generic email domain rather than a corporate address, or with contact details that do not match the information on file.
Even when the name looks right, small spelling changes, a different bank, or a sudden request to send funds overseas should trigger further verification.
Suspicious content within the document is another signal. Vague or generic descriptions of goods and services, missing purchase order references, incorrect tax calculations, and invoice numbers that do not fit the vendor's usual sequence suggest fabrication or tampering.
Formatting often gives criminals away, such as poor-quality logos, inconsistent fonts, obvious copy?and?paste areas, and unprofessional language. These indicate a rushed attempt to imitate a legitimate template. Timing and behavior also matter.
Invoices that arrive for services not yet rendered, appear as duplicates of prior bills, or demand unusually fast payment using urgent language are classic red flags.
The final takeaway is: train staff to take their time when any of these signs appear. Cross?check every invoice against vendor master data and purchase orders, and independently verify any change in payment instructions with a known contact. These practices can greatly reduce the risk that a fake invoice will be paid.
