The AI Invoice Scam Targeting Small Businesses in 2026

How the Scam Works

This is the AI invoice scam, and it's targeting small businesses at scale. The mechanics are straightforward: fraudsters identify a business's vendors through public information — LinkedIn, company websites, social media. They clone the vendor's voice using AI audio tools that require only a few minutes of sample audio, often scraped from public videos or voicemails. They spoof the vendor's email domain or register a lookalike domain. Then they call the target business, explain that their banking information has changed, and follow up with a fake invoice directing payment to a new account.

The reason this works so well against small businesses is that small businesses typically have fewer verification controls than large enterprises. A large company might require dual approval for any change to vendor banking information, with verification through a separate confirmed channel. A small business might have one person handling accounts payable, who receives a call from a familiar-sounding voice and processes the change without question.

How Widespread Is This?

The FBI's Internet Crime Complaint Center (IC3) reported a significant increase in AI-assisted business email compromise and voice fraud in 2025, with small businesses representing a disproportionate share of victims. The average loss per incident for small businesses was higher than for large enterprises — partly because small businesses are less likely to have fraud insurance and more likely to have the funds in a single account that can be drained.

The One Control That Stops Most Attacks

Protecting your business requires changing your verification process, not just your awareness. The single most effective control is a callback policy: any request to change vendor banking information must be verified by calling the vendor back at a phone number you already have on file — not a number provided in the suspicious communication. This one step would have prevented all three of the Denver incidents described above.

Additional controls include requiring dual approval for any payment above a threshold amount, using a secure vendor portal for banking information changes rather than email or phone, and training your accounts payable staff to treat any unexpected request to change payment information as suspicious by default — regardless of how legitimate it sounds.

The AI Workplace Policy Kit includes an incident response checklist that covers financial fraud scenarios, including the steps to take if you suspect you've been targeted by an AI-assisted invoice scam. The Employee AI Safety Course covers AI fraud recognition in Module 4, with specific examples of voice cloning and deepfake email attacks.