$17,000 Almost Gone: Local Vendor Email Compromise

Email makes paying vendors fast and convenient, but that same convenience creates openings for fraud. One business customer learned this after a convincing message from a trusted supplier nearly sent $17,000 to criminals.
Vendor email compromise is one of the fastest-growing scams in Iowa. It looks professional, builds trust, and can bypass even careful accounting teams. This case shows how easily it can happen and what steps can prevent it.
Vendor email compromise happens when a criminal hacks a trusted company’s inbox.
Payment instructions should never be accepted by email alone.
Always confirm account changes by phone with a verified contact.
ACH and wire payments move quickly and are difficult to reverse.
Every business relies on email to manage payments and invoices. Criminals know that trust built through ongoing communication can be exploited.
A local business customer received an email from a long-time vendor announcing a change in their payment process. The message looked identical to past emails. It used the same address, tone, and formatting.
Over the next few weeks, messages continued between the two accounts. The vendor appeared to confirm the new payment details several times, providing documents and explanations that looked legitimate.
When the next $17,000 invoice arrived, the business sent payment using the updated account information.
Fraud often comes to light only when someone notices a missing payment. That's precisely what happened here.
Three weeks after the transaction, the vendor reached out to the business asking why payment had not been received. Both sides reviewed their records and were surprised to find different account numbers listed on the invoices.
After comparing the email threads, they realized that the vendor's inbox had been compromised. The criminals had been copying genuine messages, changing small details, and sending them back through the same chain.
The payment was processed as usual, but it went to a fraudulent account that matched the vendor's business name. Because the instructions appeared to come directly from the vendor's email address, there were no warnings or system alerts.
By the time the error was found, the funds had already cleared the receiving bank. The vendor ultimately absorbed the loss, since the customer had proof that payment had been made to the requested account.
Vendor Email Compromise (VEC) is a growing form of Business Email Compromise. It targets established relationships between companies and suppliers.
Hackers don't always strike immediately. They often monitor a vendor's inbox for weeks, learning how invoices are formatted and when payments are due. Once they understand the process, they send messages that look identical to legitimate ones.
The changes can be small, such as a new account number or a slight variation in the email address. Because the requests appear normal, they are rarely questioned.
Unexplained changes to payment details or banking information
Messages with new or urgent payment language
Requests for international transfers from local vendors
Emails that bypass standard approval or review steps
These clues are easy to overlook, especially when employees are busy or trust the sender.
Businesses rely on efficiency, and repetitive processes create blind spots. Once a vendor is trusted, payments often flow with minimal review. Criminals take advantage of that routine by imitating trusted vendors rather than inventing new ones.
The result is a fraud that feels legitimate until it's too late.
This incident reinforced the importance of live verification and internal controls. FSB helps businesses put systems in place to prevent this type of loss.
Upon the customer's report, our Treasury Management team reviewed the transaction and confirmed that the payment instructions had not been verified by phone.
The customer's processes were sound, but they lacked a consistent callback step for new or changed vendor details.
FSB used this case to educate multiple business clients about the risks of vendor impersonation. Our team emphasized that strong controls matter more than email security alone.
FSB now encourages every business customer to use these best practices:
Confirm all vendor payment changes by phone using a verified number
Require dual approval for all outgoing ACH or wire payments
Review vendor lists regularly and remove inactive accounts
Use Positive Pay and ACH filters for added verification
Train staff to question any unexpected or urgent payment requests
Each of these steps adds a layer of protection that stops fraud before it reaches the account.
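The callback and dual-approval practices above, written as a payment release gate. This is an added example, not FSB's system or code; the vendor name, account numbers, phone numbers and the `release_decision` function are constructed for illustration. The sender's email address is deliberately not an input, because in this case the fraudulent instructions came from the vendor's real address.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class Vendor:
    account: str   # bank account on file
    phone: str     # verified number captured at onboarding, not taken from an email

@dataclass
class PaymentRequest:
    vendor: str
    account: str                            # account named on the invoice or email
    amount: float
    callback_number: Optional[str] = None   # number actually dialed to confirm
    approvers: set = field(default_factory=set)

def release_decision(req, master):
    """Return (ok, reasons). Only payment data and verification records are checked."""
    vendor = master.get(req.vendor)
    if vendor is None:
        return False, ["vendor not in master list"]
    reasons = []
    if req.account != vendor.account:
        # Changed bank details: hold until someone calls the number on file.
        if req.callback_number is None:
            reasons.append("account changed: callback required")
        elif req.callback_number != vendor.phone:
            reasons.append("callback number is not the one on file")
    if len(req.approvers) < 2:
        reasons.append("dual approval missing")
    return not reasons, reasons

# Constructed sample data (all values invented for this example).
MASTER = {"Example Supply Co": Vendor(account="111000025-4401", phone="515-555-0100")}
# Mirrors the case: new account from the email thread, no call, one approver.
HIJACKED = PaymentRequest("Example Supply Co", "222000111-9920", 17000.00,
                          approvers={"ap_clerk"})
# Same change, confirmed on the number on file and approved by two people.
VERIFIED = PaymentRequest("Example Supply Co", "222000111-9920", 17000.00,
                          callback_number="515-555-0100",
                          approvers={"ap_clerk", "controller"})
# Callback placed to a number supplied in the email itself.
SPOOFED_CALL = PaymentRequest("Example Supply Co", "222000111-9920", 17000.00,
                              callback_number="515-555-0199",
                              approvers={"ap_clerk", "controller"})

if __name__ == "__main__":
    for label, req in [("hijacked", HIJACKED), ("verified", VERIFIED),
                       ("spoofed call", SPOOFED_CALL)]:
        print(label, release_decision(req, MASTER))
```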
FSB's Treasury Management Services can automate many of these safeguards. Dual approval, payment templates, and callback procedures make verification fast and reliable. These systems help small businesses maintain security without slowing operations.
Vendor email compromise affects companies of every size, from small shops to large organizations.
Want to review your process, strengthen your defenses, or get help if something feels off? Contact FSB's Treasury Management team today!
