The Gist
Once a threat mostly seen in consumer scams, payment fraud is now booming with a rise in social engineering in B2B payments. Why? As CyberDB recently pointed out, the rise of digitized business payments has created new attack surfaces—and a far bigger payout for fraudsters.
But what’s changed isn’t just the technology. It’s the target: today with AI‑powered social engineering, it’s no longer systems that are under attack—it’s your vendors and employees.
And bad actors are doing it at a far greater frequency. According to AFP’s 2025 Payments Fraud and Control Survey Report, 79% of B2B organizations were victims of payment fraud attacks or attempts in 2024. And cybercriminals are succeeding with some massive payouts. Just last year, employees at a UK-based engineering firm, Arup, were tricked by a deepfake video of the company’s CFO into transferring $25 million to cybercriminals.

Why Social Engineering in B2B Payments Is So Effective
As B2B payment systems have modernized, they’ve become unintentionally optimized for deception. Here’s why fraudsters are turning to social engineering in B2B payments instead of breaching infrastructure:
- Larger payouts at stake: B2B payments now flow digitally and at scale—and one approval mistake can cost millions, making the AP staff a more lucrative target than consumer accounts.
- Layered approval processes: With multiple stakeholders involved, attackers can exploit the gaps in communication or impersonate one party to manipulate another. An attacker has more details to hide among than in consumer accounts.
- Manual and outdated workflows: Despite digital transformation, many approvals and requests still rely on antiquated and vulnerable processes like bank account validations and call-back procedures. These are easy to spoof, especially with generative AI capabilities.
- Psychologically wired for scams: Social engineering exists because it’s a timeless psychological approach that works. As Shai Gabay points out in a Forbes article, “we’re wired to fall for scams,” and now bad actors just supercharge those psychological weaknesses with the support of GenAI.
The results? A fraud landscape where the system works as designed—but a single well-crafted message can bypass every safeguard.
Trustmi’s Take
Social engineering in B2B payments isn’t slowing down—it’s accelerating. Cybercriminals are using generative AI to convincingly impersonate vendors and executives, slipping past defenses that were never built to detect deception.
Legacy defenses like bank validations, email filters, and training weren’t built to catch this kind of deception. Today’s fraud prevention must deliver behavioral insight, real-time visibility, and adaptive protections across the entire payment process—before the money moves.
