Startseite
Newsroom
Bezahlblog™

New risks from invoice fraud: How car dealers and customers can protect themselves

Digitization
Tips
security
Larissa
Marschewski
Head of Marketing & Communications
9.4.25
Digitization brings numerous benefits for companies and customers: faster exchange, more efficient processes and lower costs. However, as digital invoices become more widespread, the risk of fraud and liability issues is also growing. Recent court rulings in Germany show that considerable security precautions are necessary when sending email invoices in order to avoid financial losses.

In the automotive industry in particular, where large sums of money are exchanged between customers, dealers and manufacturers on a daily basis, fraudulent invoices can quickly lead to considerable losses - both financial and reputational. At the same time, the mandatory introduction of e-invoicing in Germany is coming into focus: what does this mean for car dealerships, manufacturers and service companies? And how can processes be safeguarded without losing efficiency?

E-invoicing mandatory since 2025

Since 2025, electronic invoicing (e-invoicing) has been mandatory for B2B transactions for many companies in Germany. The aim is to standardize the exchange of invoices and prevent tax fraud.

However, while e-invoicing sets new legal standards, a critical security issue remains: how can companies ensure that their invoices are not manipulated and that payments actually reach the right recipient?

Recent rulings: Who is liable for fraud with e-mail invoices?

Two recent rulings by higher regional courts show that responsibility is not always clear:

OLG Karlsruhe (case no. 19 U 83/22): A manipulated invoice was sent to the buyer after a hacker attack, who transferred the amount to a false account. The court ruled that the retailer had not committed a breach of duty as it had taken sufficient security measures. However, the buyer was considerably contributory negligent, as the forged email contained conspicuous inconsistencies.

Schleswig-Holstein Higher Regional Court (Ref. 12 U 9/24): An unencrypted email containing an invoice was manipulated so that the customer transferred the amount to a false account. It was decided that the payment did not fulfill the claim, but that the plaintiff (the company) had violated the GDPR because it had not taken sufficient security measures. Contributory negligence on the part of the customer was not established.

These rulings show that companies can be held liable in different ways depending on their security precautions - a risk that is becoming increasingly relevant due to rising cases of fraud.

Security measures: How companies protect themselves against fraud

According to the German Association of the Motor Trade (ZDK), there are clear recommendations to minimize the risk of liability:

  • Encryption of emails: invoices should be sent by email using end-to-end encryption, as simple transport encryption is not sufficient.
  • Two-factor authentication (2FA): Customers should log in via secure portals to retrieve billing information instead of receiving it directly via email.
  • Educate customers: Customers should be informed about common fraud methods such as "man-in-the-middle" attacks and made aware to always check billing data and make sure their email passwords are secure.
  • Alternative delivery channels: If security requirements are high, sending invoices by post can still be a secure option.

Conclusion: greater security is becoming mandatory

With increasing digitalization and the upcoming e-invoicing obligation, the security of invoices will become a decisive factor for companies. Courts are already making it clear that inadequate security measures can be expensive. Companies should therefore focus on secure invoicing processes at an early stage - from encryption to secure customer portals.

Those who adapt to the new requirements in good time and invest in security measures will minimize liability risks and protect themselves and their customers from fraud.

One way to minimize this risk is the secure and encrypted transmission of invoices. This is exactly where solutions such as bezahl.de come in: By sending invoice documents in encrypted form and integrating them directly into digital payment processes, the risk of sensitive payment information being manipulated on its way to the recipient is reduced. This enables companies to make their invoicing processes not only more efficient, but also more secure.


Find out more about bezahl.de now!

PDF
🡒 Veröffentlicht am
9.4.2025
aufinity Group GmbH
Hohenzollernring 89-93, 50672 Cologne
+49 (0) 221-9501840
DE
EN
Platform
Added value for car dealershipsDigital payment managementModern payment experienceMoney laundering preventionFully digital installment paymentbezahl.de smart checkoutCustomer accountWhite Label SolutionAutomated dunning
References
Customer success storiesSystems and integrations
Download the case study
Newsroom
What others say about usThe PaymentBlog™Press releasesPress kit and press contact
Company
Trust and safetyThe companyA brand by Aufinity GroupESG — Environmental, Social and Corporate GovernanceCareer at bezahl.deOur team
ContactAppointment
roadmap
API documentation
Login
Coloured flag of the European Union
WE ARE FULLY COMPLIANT WITH GDPR AND GERMAN GDPR.
bezahl.de is a product of Aufinity Group
Made with love in Cologne, Germany.
Imprint and privacy
Cookies

By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

PreferencesDenyAccept
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Responsive view in progress