Companies around the world are rethinking their sourcing and supply-chain strategies in response to tariffs and other disruptions. Most notably, early this month, President Donald Trump’s “reciprocal” tariff regime placed levies ranging from 10 percent on imports from nations with which the U.S. has a goods-trade surplus to 49 percent for Cambodia and 46 percent for Vietnam. Those tariffs are on a 90-day pause, but Chinese goods now face levies as high as 145 percent, and Beijing has retaliated with 125 percent tariffs on some U.S. imports.

Countries facing high tariffs may eventually be able to negotiate for lower rates. Still, businesses that sell goods produced in these countries—such as many makers of apparel and shoes—are currently reconsidering their long-term manufacturing strategy.

Expanding and diversifying vendor networks, re-shoring production, and tapping into new suppliers are vital approaches to mitigating the impacts of tariffs and other macroeconomic conditions. Yet companies often don’t realize that, without the proper safeguards, these steps can create conditions conducive to illicit activities. Businesses that do decide to change suppliers should be careful not to overlook the way those changes might increase their exposure to payment fraud.

Criminals are continually finding new vulnerabilities to exploit. It pays to be vigilant, especially considering that Trustpair research found nearly half (47%) of companies which experienced financial malfeasance in 2024 suffered losses exceeding $10 million. Our research also indicates that finance and treasury leaders view geopolitical uncertainty (31%) and economic volatility (47%)—of which tariffs are currently a key cause—as top drivers of heightened risk in 2025. And a quarter of respondents asserted that changes in their supply-chain and third-party relationships will elevate the threat of financial misconduct in their organizations this year.

How Criminals Infiltrate Payments

A common method of cyberattack involves impersonating trusted business partners to divert legitimate payments. The perpetrators may hack suppliers’ email systems or just spoof a legitimate contact, using an email address that closely resembles that of the known sender (e.g., [email protected] instead of [email protected]). In either scenario, criminals usurp the identity of the supplier and claim their bank details have changed, communicating as if they were a trusted partner with the goal of redirecting a legitimate business payment into their own account.

The procurement personnel on the other side may not suspect they are communicating with a fraudster, both because they are fooled by the deceptive email address and because the impersonator has closely monitored and mimicked the supplier’s communication style. A skilled cyberattacker makes it difficult for procurement staff to recognize a fraudulent interaction as suspicious. No company or supplier is immune to these risks, but smaller suppliers, which often lack stringent cybersecurity measures, are particularly vulnerable to breaches by sophisticated criminals using advanced generative artificial intelligence (GenAI) social-engineering tactics.

These types of attacks are especially prevalent during the onboarding of new suppliers. Many criminals take advantage of the early phase in a new supply-chain relationship, when procurement may not yet be familiar with the supplier’s communication style and habits. This is also a time when sharing bank account information is standard, making requests less likely to raise suspicion. If supplier onboarding becomes more common as organizations adjust their supply chains in response to tariffs, companies will be especially vulnerable to social-engineering attacks on supplier payments.

This is also borne out by the Trustpair data, in which 54 percent of respondents indicated they feel most at risk during supplier onboarding, while 65 percent feel most exposed when a supplier requests credential changes and 64 percent when new invoices are submitted. The risk landscape extends across the entire supplier lifecycle, yet only 8 percent of companies maintain consistent vendor verification throughout the procurement process.

A Surge in Cyberattacks

Cyber fraud—any criminal activity that employs technology or the internet to deceive, such as hacking, phishing schemes, and voice cloning—is a rapidly growing method by which criminals are infiltrating organizations. Our research highlights that 90 percent of U.S. companies were targeted by cyber fraud in 2024 (up from 79 percent the prior year), and attackers are increasingly leveraging GenAI tools, including deepfake images and audio, to perpetrate highly sophisticated schemes. Our respondents reported a 118 percent year-over-year increase in the use of such GenAI tactics, so it’s clear the landscape is evolving rapidly.

Business email compromise (BEC) and impersonation scams (63%) are now the top methods criminals use against organizations, up 103 percent year-over-year. Fake websites (56%) and text messages (52%) are also among the top tactics cybercriminals employed in the past 12 months. These channels are becoming increasingly convincing as attackers harness AI to craft the perfect phishing emails or texts.

The surge in cyber fraud isn’t alarming just because of the sophistication of the attacks; it’s also raising concerns because of changes to which stages of payment processes criminals are targeting. Vendor-related attacks are on the rise, with 69 percent of companies saying they were targeted by vendor fraud in 2024—a significant increase from 47 percent the previous year. Furthermore, 47 percent of our respondents reported that vendor-related attacks are the type they are least prepared to tackle.

As criminals advance their tactics, companies must also evolve their prevention strategies and mindset.

Two Steps to Address Risks

Given these challenges, finance and treasury leaders must adopt a multi-layered approach to mitigate these risks.

1. Enhance collaboration across departments. Effective prevention of cyberattacks isn’t solely the responsibility of finance or treasury teams. It requires a coordinated effort across all departments involved in payments, including procurement, finance, treasury, and accounts payable (A/P). Criminals now target various departments and exploit communication gaps.

Missteps can occur at multiple points in the payment process. Under-resourced teams might rush through approvals, assuming another department will catch mistakes. However, it is imperative that everyone involved in payments fully understand the risks, expectations, and their role in protecting the organization.

Nearly half (48%) of companies reported in our research that siloed processes hinder their prevention efforts. For instance, a change in supplier bank account details might not receive proper scrutiny if procurement, A/P, finance, and treasury are not communicating regularly. Even if procurement checks out the vendor’s credentials at onboarding, the organization will face exposures if treasury skips this crucial step.

CFOs and heads of treasury must cultivate a culture where finance, treasury, procurement, and A/P collaborate to establish and enforce prevention protocols. Regular interdepartmental meetings, joint training sessions, and integrated reporting systems can help break down silos and ensure alignment in the fight against financial misconduct.

2. Adopt automation. Sixty-nine percent of companies are unprepared for the surge in cyber fraud due to their reliance on manual prevention processes. Forty-one percent still use phone calls to confirm vendor bank accounts before payments, and 28 percent use manual emails. To effectively mitigate risks, organizations should consider moving away from these types of manual controls.

Criminals are rapidly advancing their attack methods, and companies must match their level of sophistication by adopting automation in fraud prevention. Doing so can enable finance and treasury teams to efficiently scale their prevention efforts across thousands of unique vendors. Even if a vendor is compromised and a request to change bank account information comes through, automated fraud-prevention technologies can flag the issue in real time, blocking the payment and enabling teams to remediate the problem before it escalates. Automation can also reduce human error and streamline workflows, leading to faster, more accurate risk management.
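
As an added illustration (not code from the article or from any vendor's product), the sketch below shows one way an automated control could combine the two ideas above: classifying a sender's domain as known, lookalike, or unknown, and holding any emailed bank-detail change for independent verification. The vendor master, domains, account values, function names, and the 0.9 similarity threshold are all constructed assumptions.

```python
import unicodedata
from difflib import SequenceMatcher

# Constructed vendor master: trusted sender domain -> vendor id and account on file.
VENDOR_MASTER = {
    "acme-textiles.example": {"vendor_id": "V-1001", "account": "XX00-CONSTRUCTED-0001"},
    "northwind-parts.example": {"vendor_id": "V-1002", "account": "XX00-CONSTRUCTED-0002"},
}

# Fold visually confusable characters to one representative per class.
FOLD = str.maketrans({"0": "o", "1": "l", "i": "l",
                      "\u0430": "a", "\u0435": "e", "\u043e": "o"})  # Cyrillic a, e, o


def skeleton(domain: str) -> str:
    """Normalise a domain so that homoglyph variants compare equal."""
    text = unicodedata.normalize("NFKC", domain).lower().translate(FOLD)
    return text.replace("rn", "m").replace("vv", "w")


def classify_sender(address: str):
    """Return ('known' | 'lookalike' | 'unknown', matched vendor domain or None)."""
    domain = address.rsplit("@", 1)[-1].strip().lower()
    if domain in VENDOR_MASTER:
        return "known", domain
    for known in VENDOR_MASTER:
        close = SequenceMatcher(None, domain, known).ratio() >= 0.9  # assumed threshold
        if close or skeleton(domain) == skeleton(known):
            return "lookalike", known
    return "unknown", None


def review_bank_change(sender: str, vendor_id: str, new_account: str):
    """Decide what to do with an emailed request to change a vendor's bank details."""
    status, domain = classify_sender(sender)
    if status == "lookalike":
        return "BLOCK", f"sender domain imitates {domain}"
    if status == "unknown":
        return "HOLD", "sender domain is not in the vendor master"
    record = VENDOR_MASTER[domain]
    if record["vendor_id"] != vendor_id:
        return "HOLD", "sender domain belongs to a different vendor"
    if new_account == record["account"]:
        return "ALLOW", "account matches the one on file"
    # A genuine domain can still be a compromised mailbox: never apply from email alone.
    return "HOLD", "new account needs verification through an independent channel"


if __name__ == "__main__":
    print(review_bank_change("billing@acrne-textiles.example", "V-1001", "XX00-CONSTRUCTED-9999"))
```

Note that a request from the supplier's genuine domain is still held when the account differs from the one on file, since a hacked supplier mailbox passes any sender check.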

Stay Ahead of Criminals

As companies revamp their supply-chain and sourcing strategies to navigate tariffs and other pressures within today’s macroeconomic environment, they are at a significantly higher risk of payment-related threats.

Protecting the organization’s financials and reputation is a core responsibility of today’s treasurers and CFOs. Treasury teams should embed prevention strategies into every stage of the procurement process. They need to treat risk management as a shared responsibility across departments and to continuously invest in automation and technology to stay ahead of criminals who are becoming increasingly sophisticated and evolving their attack methods.

These steps are vital for ensuring a level playing field—and, more importantly, for winning.

© 2025 ALM Global, LLC, All Rights Reserved.

Baptiste Collot

Baptiste Collot is the co-founder and CEO of Trustpair, a leading account validation automation platform for fraud prevention that he founded in 2017. Trustpair serves more than 400 enterprise customers, helping finance teams protect against fraud attacks.