Executive Summary

Supplier payment fraud is accelerating across U.S. organizations, including small and mid-sized companies with domestic suppliers. Business Email Compromise (BEC), vendor impersonation, and bank account change fraud are increasing in both frequency and sophistication. At the same time, artificial intelligence is enabling fraudsters to scale attacks faster and craft more convincing communications.

What’s happening

  • Payment fraud attempts are rising sharply in 2024–2025, with BEC and vendor fraud leading reported incidents.
  • AI tools are improving the quality, speed, and personalization of fraudulent communications.
  • Smaller and mid-market companies are increasingly targeted due to perceived control gaps.

Why it matters

  • Fraud losses now reach millions of dollars for affected organizations.
  • Manual verification methods, including email confirmations and callbacks, are proving insufficient.
  • Procurement and accounts payable teams are primary targets, exposing supplier payment workflows.

What to do about it

  • Replace manual bank account verification with automated validation tools.
  • Implement layered fraud controls across procurement, AP, and treasury functions.
  • Continuously monitor supplier credentials and payment changes beyond onboarding.

Organizations that modernize fraud prevention controls can significantly reduce supplier payment risk and limit financial, operational, and reputational exposure.


1. Fraud Has Changed. Your Controls Must Too.

For U.S.-based companies engaging domestic suppliers, the risk of fraudulent payment activity is no longer hypothetical.

Fraud trends gathered from industry surveys point to a clear rise in attempted and successful fraud cases targeting procurement and accounts payable functions. This whitepaper presents these trends and links them to broader developments in fraud techniques, including the role of artificial intelligence (AI).

The data and trends cited throughout this report are drawn from industry surveys and third-party fraud research published in 2024–2025.

Why Now?

The mainstream adoption of generative AI has changed the economics of fraud. Attacks that once required time and expertise can now be launched faster, personalized at scale, and executed with fewer resources.


2. Payment Fraud Is Now a Widespread Business Risk

According to the 2025 AFP Payments Fraud and Control Survey:

  • 79% of organizations reported actual or attempted payments fraud in 2024 across B2B transactions.
  • Business Email Compromise (BEC) is cited as the most common attack vector, with 63% of respondents reporting BEC attempts.

These patterns indicate that fraud is not only widespread but increasingly directed at traditional supplier payment processes.


3. Supplier and Vendor Fraud Is Accelerating and Companies Feel Unprepared

Third-party research shows a notable year-over-year increase in vendor fraud:

  • 69% of companies reported being targeted by vendor fraud in 2024, up significantly from previous years.
  • Vendor fraud and wire transfer fraud were the two most commonly reported attack types, and the ones organizations feel least prepared to manage.

This trend underscores how attackers prioritize procurement channels where controls are often weakest.


4. Business Email Compromise Has Become the Primary Entry Point

Business Email Compromise remains a dominant threat, with recent data showing the following:

  • BEC attacks accounted for 73% of reported cyber incidents in 2024 and continue to rise.
  • The average requested wire transfer in BEC attacks was $24,586 in early 2025, reflecting the financial stakes for U.S. businesses.
  • Smaller companies (under 1,000 employees) still face a 70% weekly probability of at least one BEC attack.

These figures show that BEC is not just a concern for large enterprises; even smaller, down-market firms are frequent targets.


5. How Fraud Directly Impacts Procurement and AP Teams

Fraud targeting supplier payments rarely begins with a system breach. Instead, it enters through routine procurement and accounts payable workflows that rely on speed, trust, and manual verification.

Common scenarios include:

  • Fraudulent vendor onboarding: Bad actors submit falsified supplier documentation or impersonate legitimate vendors, inserting fraudulent bank account details before payments begin.
  • Bank account change requests: Attackers pose as existing suppliers and request urgent updates to remittance information, often using spoofed domains or compromised email accounts.
  • Invoice manipulation: Legitimate invoices are altered, duplicated, or redirected, creating confusion that can result in payments being sent to the wrong party.
  • Urgent wire transfer requests: Fraudsters create artificial urgency to bypass standard approval steps and reduce scrutiny.
  • Executive impersonation: Emails appearing to come from internal leadership request confidential payment actions or supplier changes, using authority to override controls.

These attacks succeed not because teams lack diligence, but because they exploit trusted processes. Procurement and AP teams are expected to move quickly, manage high transaction volumes, and maintain supplier relationships. Fraudsters take advantage of that operational pressure, and even a single missed step can result in misdirected funds.


6. Most Supplier Payment Fraud Follows a 3-Step Pattern

While fraud tactics vary, most supplier payment fraud follows a consistent pattern. Understanding this structure helps organizations identify control gaps before funds are released.

Step 1: Access

Fraud begins with access to a trusted communication channel or supplier relationship.

This may include:

  • Email account compromise
  • Domain spoofing
  • Vendor impersonation
  • Executive impersonation
  • Submission of falsified onboarding documentation

At this stage, the attacker’s goal is credibility. They establish trust by appearing legitimate within existing procurement or AP workflows.

Step 2: Manipulation

Once trust is established, the attacker introduces a change designed to redirect payment.

Common manipulation tactics include:

  • Bank account change requests
  • Updated remittance instructions
  • Modified invoice details
  • Urgent wire transfer requests
  • Altered vendor contact information

The objective is subtle redirection. In many cases, the change appears routine and aligns with standard business activity.

Step 3: Execution

The final step is payment execution.

Funds are transferred via:

  • Wire transfer
  • ACH payment
  • Check issuance
  • Card payment
  • Digital payment platforms

Once payment is released to a fraudulent account, recovery becomes significantly more difficult. The success of the attack often depends on how quickly the fraud is detected.

Why This Framework Matters

Most fraud prevention failures occur when controls focus only on one stage of the process. Strong email security without bank validation leaves a gap. Manual callbacks without monitoring supplier changes create another.

Effective fraud prevention requires controls across all three stages: access, manipulation, and execution.

Organizations that understand this pattern are better positioned to interrupt fraud before funds leave the business.


7. AI Is Making Fraud Faster, Cheaper, and Harder to Detect

Fraud tactics are evolving alongside advances in artificial intelligence. What once required skilled social engineering and significant manual effort can now be automated, refined, and scaled.

AI is changing supplier payment fraud in measurable ways:

  • Improved language quality and tone – AI-generated emails are grammatically correct, context-aware, and tailored to professional communication standards, making fraudulent messages harder to detect.
  • Rapid personalization at scale – Attackers can analyze public information, prior email threads, or supplier data to create highly customized messages in seconds, increasing credibility.
  • Advanced impersonation capabilities – AI enables realistic impersonation of vendors, executives, and internal stakeholders. In some cases, deepfake voice technology can bypass traditional callback verification methods.
  • Faster campaign deployment – AI reduces the time required to craft and launch fraud campaigns, allowing attackers to test, iterate, and scale successful tactics quickly.

The result is not just more fraud attempts, but more sophisticated ones. As the cost and effort required to execute convincing attacks decline, volume increases. For organizations relying on manual review and human judgment alone, distinguishing legitimate requests from fraudulent ones becomes significantly more difficult.


8. Manual Verification Is Now a Structural Control Gap

While fraud attempts continue to rise, many organizations still rely on manual processes to validate supplier information and payment changes.

Industry surveys consistently show that Business Email Compromise (BEC) and payment diversion fraud remain among the most common and costly attack types. Yet traditional verification methods have changed little. Procurement and accounts payable teams often depend on:

  • Email confirmations to validate bank account changes
  • Callback procedures that rely on contact information provided in the same email thread
  • Spreadsheet-based vendor master data tracking
  • Disconnected onboarding and payment approval workflows

These controls were designed for a lower-volume, lower-sophistication threat environment.

Manual verification introduces several structural weaknesses:

  • Speed pressure: AP teams are expected to process payments quickly, reducing time for thorough validation.
  • Human dependency: Verification depends on individual judgment rather than standardized automation.
  • Fragmented oversight: Supplier onboarding, bank changes, and payment execution may sit in different systems or departments.
  • Lack of continuous monitoring: Once a vendor is onboarded, ongoing changes may not receive the same scrutiny.

As fraud tactics become more scalable and convincing, especially with AI-assisted impersonation, controls that rely primarily on human review and email-based validation are increasingly difficult to defend.

Modern fraud prevention requires verification processes that are independent, automated, and embedded directly into procurement and payment workflows.


9. The Financial and Reputational Cost of Inaction Is Rising

Beyond direct financial loss, fraud events carry hidden and reputational costs:

These figures highlight why organizations should view fraud prevention as a strategic priority, not a compliance task.


10. Recommendations: The Three Layers of Modern Supplier Fraud Prevention

To reduce exposure to supplier payment fraud and Business Email Compromise (BEC), organizations should move beyond isolated controls and adopt a layered fraud prevention strategy. Effective protection requires addressing fraud across the full supplier lifecycle, from onboarding through payment execution.

Layer 1: Prevent Impersonation and Social Engineering

Fraud often begins with communication-based deception. Organizations should reduce the likelihood of fraudulent requests reaching procurement and AP teams by strengthening front-end controls, including:

  • Email authentication protocols (SPF, DKIM, DMARC)
  • Domain monitoring and spoofing detection
  • Employee training focused on vendor impersonation and payment fraud scenarios
  • Clear internal policies for handling urgent payment requests and approval overrides

This layer helps stop fraud attempts before they reach financial workflows.

Layer 2: Validate Supplier Bank Accounts Before Payments Are Released

Even with strong email security, fraudulent requests can still reach AP teams. That makes bank account validation a critical control point. Organizations should reduce risk by implementing:

  • Automated bank account validation tools
  • Independent verification of account ownership before payment execution
  • Standardized processes for handling bank account change requests
  • Removal of approval processes that rely solely on email confirmation or manual callbacks

This layer prevents payments from being sent to incorrect or fraudulent accounts.

Layer 3: Continuously Monitor Supplier Credentials and Payment Changes

Fraud risk does not end after onboarding. Supplier records can be manipulated over time, and fraudsters often wait for the right opportunity to strike. Organizations should adopt continuous monitoring practices, including:

  • Ongoing validation of supplier credentials beyond onboarding
  • Monitoring for changes to payment details, tax IDs, addresses, and banking information
  • Flagging suspicious supplier updates or unusual transaction patterns
  • Cross-functional oversight between procurement, AP, treasury, and compliance teams

This layer ensures supplier data integrity remains protected over time.
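
As an added illustration (not code from this whitepaper or from any vendor product), the following Python applies the three layers to a single bank account change request, including the callback weakness described in Section 8, where the phone number comes from the request itself. The record schemas, flag names, 5-day hold window and 0.85 similarity threshold are assumptions, and all sample values are constructed.

```python
from dataclasses import dataclass
from datetime import date
from difflib import SequenceMatcher

@dataclass(frozen=True)
class Vendor:                      # vendor master record (constructed schema)
    domain: str
    phones: frozenset
    routing: str
    account: str

@dataclass(frozen=True)
class ChangeRequest:               # inbound bank-change request (constructed schema)
    sender_domain: str
    dmarc_pass: bool               # DMARC verdict taken from the mail gateway
    callback_phone: str            # number offered in the request itself
    routing: str
    account: str
    received: date
    next_payment: date

def aba_checksum_ok(routing: str) -> bool:
    """ABA routing number check: 9 digits, weights 3-7-1, sum divisible by 10."""
    if len(routing) != 9 or not routing.isdigit():
        return False
    return sum(int(d) * w for d, w in zip(routing, (3, 7, 1) * 3)) % 10 == 0

def review(vendor: Vendor, req: ChangeRequest, hold_days: int = 5) -> list:
    """Return the reasons a request must be held for independent verification."""
    flags = []
    sender, known = req.sender_domain.lower(), vendor.domain.lower()
    if sender != known:            # Layer 1: impersonation signals
        close = SequenceMatcher(None, sender, known).ratio() >= 0.85
        flags.append("lookalike_sender_domain" if close else "unknown_sender_domain")
    if not req.dmarc_pass:
        flags.append("dmarc_fail")
    if req.callback_phone not in vendor.phones:   # callback must use the master record
        flags.append("callback_number_not_on_file")
    if not aba_checksum_ok(req.routing):          # Layer 2: format check only
        flags.append("invalid_routing_number")
    changed = (req.routing, req.account) != (vendor.routing, vendor.account)
    if changed and (req.next_payment - req.received).days < hold_days:
        flags.append("bank_change_inside_hold_window")   # Layer 3: change monitoring
    return flags

# Constructed sample data: placeholder domains, phone numbers and account numbers.
ACME = Vendor("acme-supply.example", frozenset({"+1-555-0100"}), "123456780", "000111222")
SPOOFED = ChangeRequest("acrne-supply.example", False, "+1-555-0199", "987654321",
                        "999888777", date(2025, 3, 3), date(2025, 3, 5))
CLEAN = ChangeRequest("acme-supply.example", True, "+1-555-0100", "987654320",
                      "999888777", date(2025, 3, 3), date(2025, 3, 20))
```

An empty result means only that no automatic hold was triggered; the routing checksum confirms format, not account ownership, which still requires the independent verification described in Layer 2.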

Building a Stronger Fraud Defense

Organizations that implement all three layers create a stronger defense against modern fraud tactics. Instead of relying on manual processes and reactive controls, a layered strategy reduces fraud exposure before payments are initiated, approved, and executed.


Key Takeaways

  • Supplier payment fraud is accelerating across U.S. organizations, including small and mid-sized businesses with domestic supplier networks.
  • Business Email Compromise (BEC) and vendor fraud are now leading attack methods, targeting procurement and accounts payable workflows where payment controls are often inconsistent.
  • AI is increasing the speed, scale, and realism of fraud attempts, enabling attackers to create more convincing impersonation and social engineering campaigns with minimal effort.
  • Manual verification methods are no longer sufficient, as fraud volume and sophistication have outpaced traditional processes like email approvals and callbacks.
  • Organizations that adopt automated verification and layered fraud controls can reduce risk before payments are released, helping prevent financial losses, operational disruption, and reputational damage.


Conclusion

Supplier payment fraud and BEC attacks are increasing in both frequency and sophistication.

U.S. companies, including those with fewer than 1,000 employees, face significant exposure because many still rely on manual, error-prone processes. With AI lowering the barrier to crafting convincing attacks, organizations that fail to modernize their fraud prevention controls risk financial loss, operational disruption, and reputational damage.

Organizations can reduce supplier payment fraud risk by implementing automated bank account validation, continuous supplier monitoring, and layered fraud controls across procurement and AP workflows.
