The Context
The accountant runs a solo practice handling bookkeeping, payroll, and tax operations for dozens of clients.
A recurring vendor sent monthly invoices in a familiar format over a multi-year period.
Independent Accounting | Calgary, Alberta
A Calgary CPA caught a $14,000 invoice fraud that Gmail missed entirely
A long-standing vendor invoice looked legitimate but had a modified routing number. The comparison workflow flagged it in seconds before payment.
$14,000
Fraud Prevented
Digits
Changed
3 sec
Detection Time
0
Emails Stored
The Attack
An invoice arrived with the expected sender identity and identical totals, branding, and layout.
The only malicious change was a modified routing number in the payment details section.
Detection Workflow
Before paying, the accountant compared the new invoice against the prior month in the dashboard.
The system highlighted the changed digits immediately, enabling direct vendor confirmation before funds moved.
Business Impact
The practice avoided a likely irreversible transfer and downstream liability risk.
The team now runs invoice comparisons routinely and keeps scan logs for due diligence.
“I would have paid it. Everything looked normal. The only reason I checked was because So was already on my laptop.”Solo CPA, Calgary, Alberta
Key Takeaways
- - SPF, DKIM, and DMARC validate sender infrastructure, not attachment intent.
- - Invoice fraud often hides in trusted, repeated workflows.
- - Document comparison catches subtle field-level changes before payment.
- - Local analysis protects privacy and improves compliance posture.
See how this fits your workflow
Start with a no-cost scan workflow or schedule a product walkthrough for your practice.