Red Flags on the First Order: A Credit Manager's Guide to Spotting New Customer Fraud

Bectran Product Team

March 19, 2026

Spotting a fraudulent credit application used to rely on catching human errors in paperwork. Today, bad actors are more deliberate — and the first order remains the most exploited moment in the B2B credit cycle. Sales teams are under pressure to close. Credit teams are under pressure to move fast. Fraudsters understand both.

New customer fraud in B2B transactions rarely involves a sophisticated cyberattack. It relies on simple deception: a slightly altered company name, a forged signature, an invalid email domain. When credit teams process dozens of applications a day, these subtle anomalies slip through.

This post is the first in our series, The B2B Fraud Defense Manual. We'll examine the operational realities of new customer fraud, the systemic gaps that allow it to reach the approval stage, and practical frameworks credit managers can use to identify red flags before the first shipment leaves the warehouse.

The reality of new customer fraud

The invalid guarantee

Personal guarantees are a standard requirement for many new business accounts, particularly for smaller entities or those without established credit histories. The guarantee is only useful if it is legally binding and signed by the correct individual.

One type of signature fraud that surfaces in credit reviews is guarantee forgery — an applicant signing a minor's name or the name of someone unaffiliated with the business's financial operations. If the account defaults and the credit team attempts to enforce the guarantee, they find the signatory has no legal authority to bind anyone. The document becomes worthless, and the debt becomes a write-off. Verifying the identity behind the signature is a critical but frequently missed step in manual review.

Business impersonation and unusual requests

Fraudsters frequently use the reputations of established companies to secure credit. They register email domains one letter off from a known corporation or use a business name nearly identical to a reputable buyer. Newer sales representatives — less familiar with standard customer profiles — are common targets.

The pattern typically unfolds the same way. A fraudster applies for credit using a fake domain. Once approved, they place a large, urgent order and request shipment to an unusual location — often a freight forwarder or a cross-border address. By the time the invoice reaches the real company, the goods are gone, and the legitimate business has no record of the transaction. Unusual shipping destinations on first orders are a reliable early signal worth escalating immediately.

The drop-off and bust-out risk

Some fraud does not happen immediately. Bust-out fraud involves establishing a seemingly legitimate account, paying a few small invoices on time to build a positive payment history, then requesting a credit line increase before maxing out the account on high-value goods and disappearing.

Validating a customer is not a one-time event. The initial application might look clean, but monitoring purchasing behavior over time is essential. Sudden shifts in order volume — especially following a credit limit increase — are a reliable indicator that the account warrants a closer look.

Root cause analysis: why these vulnerabilities exist

ERP limitations in master data

ERP systems are built to manage transactions, inventory, and accounting. They are systems of record, not systems of truth. When a new customer profile is created, the system accepts the data entered.

The ERP does not independently verify whether the address is a commercial warehouse or a residential apartment. It does not check whether the email domain was registered three days ago. If an impersonator provides a fake billing address and a real company's name, the ERP will generate an invoice and post the receivable — completely unaware the data is fraudulent. Verification must happen before the customer master record is ever created.

Broken handoffs between sales and credit

Sales teams are incentivized to generate revenue. Credit teams are tasked with managing risk. When a new lead comes in, the sales representative gathers the initial information, and if the handoff is entirely manual — relying on emailed PDFs or paper applications — context is frequently lost.

A salesperson focused on order volume might overlook a strange shipping request. The credit application review team, receiving only a scanned form, never sees the communication that accompanied it. Behavioral red flags disappear in the handoff between the two teams.

Manual workflows and data inconsistencies

Many credit departments still rely on manual research to verify new accounts — searching a business address, checking a Secretary of State website, calling trade references. The process is slow and inconsistent. When analysts are rushed, steps get skipped. Public records are not always updated in real time, and a fraudster can easily provide a legitimate address that belongs to another business. Relying on human analysts to cross-reference multiple disjointed data points across every application creates a high margin for error.

Scalability problems in verification

A manual review process that works for five applications a week breaks down at fifty applications a day. When the queue backs up, pressure from sales mounts. Under pressure, the depth of the credit review decreases. Analysts approve accounts based on surface-level information just to clear the backlog — and bad actors slip through.

Frameworks and best practices: structuring the defense

The four pillars of clean credit data

Establishing a reliable customer master record requires validating four specific pillars before any credit is extended.

  1. Identity verification: Confirm the exact legal name of the entity against state or national databases. Subtle variations — "Acme Corp LLC" versus "Acme Corporation" — require immediate review.
  2. Ownership and authority: Identify the individuals behind the business. If a personal guarantee is provided, the signature must be tied to an authorized officer. Cross-reference the names of principals listed on the application with public business filings.
  3. Contact authentication: Scrutinize communication channels. A domain registered within days of the application submission is a severe red flag. Confirm that phone numbers match the geographic location of the business.
  4. Location validation: Separate billing from shipping addresses. Use mapping tools to confirm the shipping destination is a commercial facility capable of receiving B2B freight, not a residential address, a PO Box, or a known freight forwarding hub.
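The identity and contact checks in pillars 1 and 3 can be automated as a pre-screen. The sketch below is an added example, not Bectran's code: the known-customer domains, the sample application, the field names, and the 30-day domain-age threshold are all assumptions, and the registration date is assumed to come from a WHOIS/RDAP lookup done elsewhere.

```python
import re
from datetime import date

# Constructed sample data: domains of customers already on file.
KNOWN_DOMAINS = {"acmecorp.com", "northwindsupply.com"}
LEGAL_SUFFIXES = {"llc", "inc", "corp", "corporation", "co", "ltd", "company"}
# Constructed application; domain_registered would come from a WHOIS/RDAP lookup.
SAMPLE_APP = {"email": "ap@acmec0rp.com", "legal_name": "Acme Corp LLC",
              "domain_registered": date(2026, 3, 16)}

def edit_distance(a, b):
    """Levenshtein distance (insert, delete, substitute), one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def lookalike_of(domain, known=KNOWN_DOMAINS, max_dist=1):
    """Return the known domain this one imitates, or None if exact or unrelated."""
    domain = domain.lower().strip()
    near = [k for k in sorted(known) if edit_distance(domain, k) <= max_dist]
    return None if domain in known or not near else near[0]

def name_core(legal_name):
    """Drop punctuation and entity suffixes so name variants compare equal."""
    words = re.sub(r"[^a-z0-9 ]", " ", legal_name.lower()).split()
    return " ".join(w for w in words if w not in LEGAL_SUFFIXES)

def screen_contact(app, registry_name, today, min_age_days=30):
    """Identity and contact checks; min_age_days is an assumed threshold."""
    flags = []
    domain = app["email"].rsplit("@", 1)[-1].lower()
    hit = lookalike_of(domain)
    if hit:
        flags.append(f"domain {domain} resembles known customer domain {hit}")
    age = (today - app["domain_registered"]).days
    if age < min_age_days:
        flags.append(f"domain registered {age} days before application")
    core_a, core_r = name_core(app["legal_name"]), name_core(registry_name)
    if core_a != core_r:
        flags.append("legal name does not match registry name")
    elif app["legal_name"] != registry_name:
        flags.append("legal name is a suffix variant of registry name: review")
    return flags
```

Calling `screen_contact(SAMPLE_APP, "Acme Corporation", date(2026, 3, 19))` returns three flags: the lookalike domain, the three-day-old registration, and the name variant.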

Company Radar can support this validation layer — scanning for bankruptcies, legal filings, and financial red flags in real time, rather than waiting for credit bureau data to catch up.

Standardizing the application review workflow

Inconsistency is the enemy of fraud prevention. Every application must pass through the same gates, regardless of who the sales representative is or the size of the initial order.

Mandatory fields prevent incomplete applications from obscuring identity. Separation of duties — keeping the person collecting the application separate from the person approving the credit line — removes the conflict of interest between closing the sale and protecting the company. Escalation paths must be clearly defined. Any request for international shipping on a first order, for example, should trigger an automatic secondary review without exception.

Cross-referencing anomalies

Fraudsters make mistakes when assembling synthetic identities or impersonating established businesses. Training the credit team to look for mismatched data points is one of the highest-return fraud prevention strategies available.

Compare the area code of the phone number to the zip code of the billing address. Check whether trade references are from completely unrelated industries — a lumber distributor providing a bakery as a reference, for example. Review the IP address of a digital application submission: a locally registered business applying from an overseas IP address requires an immediate halt. These signals are rarely obvious in isolation, but they become hard to ignore when the review checklist forces the analyst to check all of them in sequence.
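A checklist that runs every cross-reference in sequence can be expressed as a single function. This is an added example, not Bectran's code: the lookup tables, field names, and sample record are constructed, the IP country is assumed to be resolved by an upstream geolocation service, and routing any non-halt flag to secondary review is an assumption. It also applies the first-order international shipping rule and the ship-to check described earlier.

```python
# Constructed lookup tables; real reference data would replace them.
AREA_CODE_STATE = {"312": "IL", "713": "TX", "206": "WA"}
ZIP3_STATE = {"606": "IL", "770": "TX", "981": "WA"}
RELATED_INDUSTRIES = {"lumber": {"lumber", "construction", "hardware"}}
NON_COMMERCIAL = {"residential", "po_box", "freight_forwarder"}

# Constructed application record. ip_country is assumed to be resolved
# upstream by a geolocation service; field names are hypothetical.
SAMPLE_APP = {
    "phone": "(312) 555-0142", "billing_zip": "77002", "industry": "lumber",
    "trade_refs": [{"name": "Sunrise Bakery", "industry": "bakery"}],
    "registered_country": "US", "ip_country": "US", "ship_country": "CA",
    "first_order": True, "ship_to_type": "freight_forwarder",
}

def cross_reference(app):
    """Run every check in sequence; return (decision, flags)."""
    flags, halt = [], False
    # Phone area code versus billing zip: compare the states they map to.
    digits = "".join(c for c in app["phone"] if c.isdigit())[-10:]
    phone_state = AREA_CODE_STATE.get(digits[:3])
    zip_state = ZIP3_STATE.get(app["billing_zip"][:3])
    if phone_state and zip_state and phone_state != zip_state:
        flags.append(f"phone area code ({phone_state}) vs billing zip ({zip_state})")
    # Trade references should come from the applicant's own or adjacent industries.
    related = RELATED_INDUSTRIES.get(app["industry"], {app["industry"]})
    for ref in app["trade_refs"]:
        if ref["industry"] not in related:
            flags.append(f"trade reference {ref['name']} is in an unrelated industry")
    # A locally registered business applying from an overseas IP halts the review.
    if app["ip_country"] != app["registered_country"]:
        flags.append(f"application submitted from {app['ip_country']} IP address")
        halt = True
    # International shipping on a first order always goes to secondary review.
    if app["first_order"] and app["ship_country"] != app["registered_country"]:
        flags.append("international shipping requested on first order")
    if app["ship_to_type"] in NON_COMMERCIAL:
        flags.append(f"ship-to address type is {app['ship_to_type']}")
    decision = "halt" if halt else "secondary_review" if flags else "standard_review"
    return decision, flags
```

Because no check short-circuits, the analyst sees every mismatch on the record at once rather than only the first one found.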

Strategic impact: why solving this matters

Risk reduction and fraud avoidance

The most direct impact is the reduction of unrecoverable debt. Because B2B orders typically involve high-value goods or large volumes, a single fraudulent transaction can cost tens of thousands of dollars. Stopping fraud at the application stage protects the bottom line before the loss ever occurs.

Revenue protection

When an invoice goes unpaid due to fraud, the company loses the cost of goods sold and the expected profit margin. Recovering a $50,000 fraud loss at a 10% margin requires $500,000 in new, legitimate revenue just to break even. Fraud defense and revenue protection are not separate functions — they are the same financial discipline.

Operational efficiency

Chasing fraudulent accounts drains resources. Collections teams waste hours calling disconnected numbers. AR teams spend time reconciling returns or writing off bad debt. Filtering out fraudulent applications at the entry point allows credit and collections to focus on managing legitimate accounts and resolving real customer disputes, rather than chasing ghosts.

Improved experience for legitimate buyers

A structured, consistent review process benefits valid customers too. When the credit team has clear frameworks and knows exactly what to look for, clean applications move faster. Legitimate buyers get their credit lines approved and orders shipped without unnecessary delays, while suspicious applications are flagged for deeper review.

Actionable playbook

The first-order review checklist

  • Verify the exact legal entity name against state registration databases
  • Confirm the email domain matches the official corporate website of the applicant
  • Validate that the shipping address is a commercial location, not residential or a freight forwarding address
  • Cross-reference the signatory on the personal guarantee with the listed business officers
  • Check for inconsistencies between the applicant's phone area code, billing zip code, and IP address

Key takeaways

  1. The first order is the most vulnerable. Fraudsters exploit the pressure to close deals quickly, testing gaps in manual credit reviews before any pattern of behavior exists.
  2. Impersonation is common. Bad actors frequently use slightly altered names or domains to mimic established, reputable companies — and target newer sales representatives first.
  3. ERPs do not verify identity. Your accounting system will accept fake data. Verification must happen before the customer master record is created.
  4. Consistency is required. Every application must follow the same review framework to prevent anomalies from slipping through during high-volume periods.

Questions to ask your team

  • How are we currently verifying the identity of the person signing our credit applications or personal guarantees?
  • If a new customer requests a sudden change to the shipping address after the credit line is approved, what is our internal process for re-evaluating the order?
  • How much time does our credit team spend manually searching for business registrations and address validations per application?

Up next in The B2B Fraud Defense Manual

Identifying red flags is the first step in protecting your receivables. But what happens when a vulnerability is exposed and you need to secure resources to fix the process? In our next post, From Afterthought to Urgency: How to Build the Business Case for a Fraud Platform After an Attack, we'll outline how credit leaders can turn a painful event into a catalyst for operational change.

Fraud enters where the review process stops

First orders slipping through with unverified domains, forged guarantees, or mismatched shipping addresses? Bectran's fraud detection platform includes automated email domain verification that flags newly registered domains at the point of application, ship-to address validation against commercial location databases, real-time identity and ownership checks, document validation with AI to catch signature and authorization mismatches, and bank account matching to verify payment details before credit is extended. Company Radar scans for bankruptcies, legal actions, and financial red flags across multiple live sources — giving your team current intelligence rather than bureau data on a delay. Together, these capabilities surface the anomalies that manual review consistently misses, stopping fraud before the first shipment. See how fraud detection works.
