The Insanely Clever AP Scam I Almost Fell For – And How AP Automation Saved my Arse

Phishing scams are a dime a dozen, right? Most are easy to spot—obvious typos, strange sender addresses, or just a lack of polish that screams “scam.” But this time, I encountered one that nearly slipped past me. As a long-time Director of Finance, I thought I’d seen it all, but this scam was a masterclass in deception. Without our automated AP workflow in Centime, we might have been out nearly $50,000.

‍

Here’s How the Scam Worked

The fraudsters were meticulous. They crafted an email thread that looked like it had been going back and forth between our CEO, BC Krishna, and a consultant from an outside firm. They even managed to create a fake response from BC, directing the invoice to my department. Here’s a breakdown of how they almost had us:

‍

1. Impersonated Email from Our CEO: The scammers started by creating an email from our CEO, asking the consultant to send an overdue invoice directly to me. They even included a previous email from BC, making it appear like he’d already reviewed the charges and given his approval.

‍

2. A Detailed and Professional Invoice: The invoice itself looked legitimate, complete with descriptions like “Executive Business Coaching and Development” and “VIP Membership.” It included a substantial amount—$48,490—and had every detail you’d expect to see in a professional document.

‍

3. Urgency and Follow-Up: Just like a real vendor, the scammers followed up on the invoice, reminding us that payment was overdue. They urged immediate action to avoid disruption of “exclusive benefits,” making it feel like a legitimate business service we needed to keep active.

‍

Seeing this email chain, I almost approved it. It was only thanks to our AP workflow that I hesitated and dug deeper.

‍

Why This Scam Was So Effective

Trust in Familiar Names: By impersonating BC, the scammer created an instant sense of trust. I’m used to following up on executive approvals, so it didn’t seem unusual for him to send an invoice over.
Professional Presentation: Every detail was polished. The language, formatting, and layout all mirrored a real vendor invoice. It wasn’t a hasty copy-paste job; they made it look entirely legitimate.
Pressure Tactics: By introducing urgency, they made it feel like an issue that needed quick handling, reducing the likelihood that I’d take extra time to investigate.

‍

How Our AP Workflow in Centime Saved Us

In the end, it was our automated AP workflow that saved the day. Centime’s automated, structured process forced this invoice through a series of checks and approvals that the fraudsters couldn’t account for. Here’s why Centime is so effective against scams like this:

‍

Strict Approval Processes: Centime’s workflows require that every invoice—no matter who appears to request it—goes through a multi-level approval process. No single person can rush it through based on name recognition alone.
Verification Mechanisms: Our AP workflow automatically verifies details on invoices, including vendor information and unusual charges. If anything seems off, it’s flagged for review. This invoice was no exception.
Documented Transparency: Centime keeps a clear log of all communications, approvals, and document interactions. Any attempt to push through an invoice without the correct documentation or prior conversation raises an immediate red flag.
Takes the Pressure Off Staff: Centime’s automation lets our team review invoices systematically, without worrying about missed deadlines or urgent follow-ups from executives. We can take the time we need, ensuring every invoice is legitimate.

‍

Centime AP’s invoice approval tools give you control by allowing you to set monetary thresholds for invoice approvals. Want extra oversight on high-value invoices? It’s simple. Establish up to three approval levels based on amount thresholds, ensuring that invoices needing greater scrutiny are properly reviewed, while lower-value invoices flow through the process seamlessly.

In finance, you’ve got to stay vigilant. Even seasoned pros can almost fall for something that looks this polished. Without Centime’s automated AP workflow, we could have easily paid that bogus invoice. Let our story be a reminder—protect your business and your team with strong AP automation, and you’ll be able to spot and stop even the most sophisticated scams.

Ready to protect your business from sophisticated scams? Schedule a demo with Centime today and see how our automated AP workflows can safeguard your finances, streamline approvals, and give you peace of mind.

Sign up for our newsletter
to get finance insights and cash planning tips delivered straight to your inbox twice per week.

**Deposit placement through ICS is subject to the terms, conditions, and disclosures in the applicable agreements. Although deposits are placed in increments that do not exceed the FDIC standard maximum deposit insurance amount (“SMDIA”) at any one destination bank, a depositor’s balances at the institution that places deposits may exceed the SMDIA (e.g., before settlement for deposits or after settlement for withdrawals) or be uninsured (if the placing institution is not an insured bank). The depositor must make any necessary arrangements to protect such balances consistent with applicable law and must determine whether placement through ICS satisfies any restrictions on its deposits. A list identifying IntraFi network banks appears at https://www.intrafi.com/network-banks. The depositor may exclude banks from eligibility to receive its funds. IntraFi and ICS are registered service marks, and IntraFi Cash Service is a service mark, of IntraFi Network LLC.

^††3.5% Annual Percentage Yield (APY) as of 11/19/24. Deposit rate may adjust to current market rate and may change daily. Fees may reduce earnings.

*Centime is not a bank and is not authorized by any federal or state agency to engage directly in core banking activities.
‍
*All banking products and services available through Centime are provided by FNBO and are governed by the applicable agreements and related disclosures provided to you by FNBO. Member FDIC.
‍
‍*While Centime facilitates traditional banking activities (such as the acceptance of deposits or extensions of credit), these services are actually provided by our banking partner, FNBO.
‍
*Centime may provide support services to FNBO, as permitted by applicable law, to facilitate the delivery of its bank products and services.

**Deposit placement through ICS is subject to the terms, conditions, and disclosures in the applicable agreements. Although deposits are placed in increments that do not exceed the FDIC standard maximum deposit insurance amount (“SMDIA”) at any one destination bank, a depositor’s balances at the institution that places deposits may exceed the SMDIA (e.g., before settlement for deposits or after settlement for withdrawals) or be uninsured (if the placing institution is not an insured bank). The depositor must make any necessary arrangements to protect such balances consistent with applicable law and must determine whether placement through ICS satisfies any restrictions on its deposits. A list identifying IntraFi network bank

The Insanely Clever AP Scam I Almost Fell For – And How AP Automation Saved my Arse

You may also like

Fraud Horror Stories: Essential Lessons for Strengthening Internal Controls and Reducing Financial Risks

What is Positive Pay? A Guide to Protecting Your Business Against Fraud

Solutions

Features

Pricing

Integrations

Resources

Software Solutions

Company

Industries

Compare

Guides