A finance clerk opens an email from a trusted vendor. It requests an urgent bank account update for a large invoice. She forwards it, and the wire goes out for $2 million. Funds vanish overseas in hours. Cases like this hit AP and treasury teams hard.

Scammers target your staff with business email compromise, or BEC, tricks. They mimic bosses or vendors to reroute payments. In 2026, AI deepfakes add voice clones to fool calls. You can stop this with targeted training and controls.

This guide shows how to train your team. You’ll get real scam examples, red flags, and step-by-step policies.

Common Wire Fraud Tactics Targeting AP and Treasury

Scammers focus on finance because wires move fast and irrevocable. They hit accounts payable first with fake invoice changes. A recent BEC used display name spoofing on SendGrid to push a “past due invoice.” It passed all email checks but aimed to divert payment.

Treasury faces CEO fraud. An attacker spoofs the CFO’s email for a “confidential” wire to a new account. One school district lost $3.2 million this way in December. Hackers compromised an employee’s email and inserted fake instructions in a real thread.

Accounting teams see vendor impersonation. Scammers send near-perfect AI invoices or cloned voices for bank updates. AP pros note checks as another risk; thieves intercept or alter them.

These tactics work because they exploit trust. Emails look real. Urgency pressures quick action. For more on BEC campaigns, check Ironscales’ analysis of a spoofed vendor email.

Train your team on these patterns. Role-play the $2 million case from Sherlock Forensics. It started with one unchecked email.

Build Your Training Program Step by Step

Start with quarterly sessions for AP, treasury, and accounting. Mix videos, quizzes, and simulations. Aim for 95% pass rates on tests.

First, cover scam types. Use real examples like deepfake calls in Fraudorder’s AP guide. Show how voice cloning confirms fake bank changes.

Next, teach verification. Practice calling known vendor numbers, not email ones. Run phishing sims where “CFO” emails demand wires.

Sample topics include:

• Spot BEC and phishing hallmarks.
• Secure tools like MFA for emails.
• Report suspicious requests fast.

Make it hands-on. Simulate urgent vendor updates. Reward top performers. Update for 2026 threats like AI invoices from AP Professionals’ risks list.

Track progress. Review failures one-on-one. For protocols, see Truist’s staff training steps.

Spot Key Red Flags in Requests

Your team must pause at warning signs. Train them to list these before any wire.

Common flags:

• Urgent language like “pay now or lose deal.”
• Mismatched details, such as new bank info without proof.
• Emails from slight domain twists, like vendor-support.com.
• Requests outside normal hours or patterns.
• No prior discussion on big changes.

For vendor payments, watch bank switches. Always verify out-of-band.

Post this list in AP workspaces. Quiz on it monthly. Journal of Accountancy’s 10 tips stress these signs too.

Strengthen Internal Controls and Processes

Policies make training stick. Set dual approval for all wires over $5,000. One person initiates; another reviews.

Require out-of-band verification. Call vendors on file numbers for changes. Document every call.

Lock vendor details in secure systems. Any update needs signed forms and secondary sign-off.

For treasury, use bank portals with limits and alerts. Segregate duties: invoice approver can’t execute payments.

Sample policy: “No wires without paper trail and two approvals.” See SECMONS’ BEC playbook for dual steps. Bill.com’s prevention guide adds vendor checks.

Review monthly. Test controls with mock runs.

Conclusion

Wire fraud hits finance teams through trusted channels. Training on tactics, flags, and controls builds defense. Dual approvals and verifications stop most attempts.

Your AP and treasury staff hold the line. Start with sims and policies today. Strong habits cut losses.

Need help with culture-focused strategies? Book a Discovery Call with Bud Consulting.