Fraud in the age of automation: practical steps to protect your payments

During our recent webinar, we explored a very practical question: what can Belgian organisations realistically do to combat fraud?

Because the risk is real:

• 55% of Belgians encountered phishing last year

• Nearly 1 in 10 people were directly affected

• €364 million in fraud was reported within our ecosystem in 2024. And since not every case gets reported, the real impact is likely much higher.

How is payment fraud evolving?

As payment processes become more automated, fraud is shifting towards process fraud: criminals increasingly target and manipulate the trusted processes around payments.

As highlighted during the webinar:

During the session, three concrete scenarios illustrated how fraud tactics are evolving:

1. Invoice fraud 2.0: targeting supplier change processes
   Fraudsters no longer just change the IBAN on an invoice. They increasingly target the supplier change process itself, sometimes using fake companies or compromised email domains. VoP checks can even give a false sense of security if the underlying process is weak.

2. Peppol hijacking: abusing trusted e-invoicing channels
   E-invoicing networks like Peppol reduce email fraud risks, but trust in the channel can also reduce vigilance. Lookalike companies may try to enter the network or hijack existing identities to send fake invoices through a trusted channel at scale.

3. Salary fraud: manipulating HR and payroll processes
   Criminals impersonate employees and request bank account changes via HR. If changes are validated too easily, salaries may be diverted before anyone notices.
   Read more on this topic in our recent blog on payroll phishing

What are practical ways to protect your payments from fraud?

Effective protection comes from a mix of awareness, strong internal processes and the smart use of technology:

✔️ Awareness and training
Employees remain the first line of defence; a critical mindset remains essential. Creating a culture where people feel comfortable questioning unusual requests can already prevent many incidents.

✔️ Supplier controls
Clear procedures for onboarding new suppliers and validating bank account changes significantly reduce risk. The earlier anomalies are detected, the lower the potential friction and impact will be.

✔️ Smart automation such as invoice screening
Automation can reduce manual errors and help detect unusual patterns that would otherwise go unnoticed. Especially when financial volumes increase, automation becomes not just efficient, but necessary to maintain control. Technologies such as automated invoice screening can help organisations identify risks earlier in their payment processes.

Fraud prevention is a continuous and shared effort

Fraudsters continue to innovate. That’s why fraud prevention is never a one-time exercise. It requires continuous attention, regular reviews of controls and constant adaptation to new techniques used by criminals.

The good news is that organisations do not have to face this challenge alone. Collective initiatives such as Safeonweb and the Belgian Anti-Phishing Shield (BAPS) already prevent millions of clicks per year to suspicious websites.

The Belgian Anti-Fraud Coordination Board also shows the value of collaboration by bringing together experts from different industries to better prevent and respond to fraud. Remy Knecht, Isabel’s Head of Anti-Fraud Services is a member of this board:

The same principle applies within organisations. Preventing fraud is no longer just a finance responsibility. HR teams, for example, play an important role in preventing salary fraud, while other departments may detect other warning signs.

By sharing experiences, strengthening processes and staying informed about new fraud techniques, organisations not only protect themselves, but also contribute to a more resilient financial ecosystem.