suss.

AI-powered fraud detection

Enterprise Pilot Brief

Prepared for SDSU / CSU System

Incident Reference

SDSU lost $5.9M to vendor invoice fraud

A fraudster impersonated a legitimate vendor, sent an invoice with new bank details, and SDSU wired $5.9 million to a fraudulent account. FBI assisted with 90%+ recovery.

94%

Risk Score

Source: The Daily Aztec, Feb 25, 2026

6 threat indicators fired

90%

Vendor bank account change request

85%

New vendor with urgent first payment

85%

Sender domain impersonating vendor

80%

Wire transfer instructions via email

75%

Urgency with late payment penalty

70%

Vendor contact person changed

Why universities are targets

Large vendor ecosystems

Hundreds of active vendors — AP teams can't verify every invoice change.

Decentralized purchasing

Department-level procurement = more entry points for fraud.

High transaction volumes

Millions in monthly payments make scrutiny impractical.

Public org charts

Leadership and finance contacts are publicly listed.

CSU System Exposure

23 campuses. 500K+ employees. $13B+ annual budget. If it happened at SDSU, it can happen anywhere in the system.

How the 30-day pilot works

Submit suspicious emails

Forward any suspicious invoice or payment request for instant analysis. Zero IT integration.

AI scans in seconds

Purpose-built BEC detection analyzes for impersonation, fraud patterns, and social engineering.

Verdict via email

Staff gets a risk score, threat type, and recommended actions before any payment is processed.

Dashboard for IT

Real-time view of scan volume, threat categories, and ROI metrics.

Purpose-built BEC detection across 4 threat categories

Invoice & Vendor Fraud

Detects fraudulent payment changes, suspicious vendor requests, and invoice manipulation.

Executive Impersonation

Identifies spoofed executive communications and urgency-based payment requests.

Wire & Payroll Diversion

Flags suspicious payment routing, new beneficiary requests, and unauthorized changes.

Email Authenticity

Verifies sender legitimacy, domain reputation, and communication anomalies.

$5.9M

SDSU loss prevented

94% detection

40+

Scam categories covered

BEC + phishing + more

94.5%

Detection precision

Near-zero false positives

94.5%

Threat coverage

Comprehensive detection

<2s

Response time

Before payment sent

Pilot terms

Duration

30 days, free

No credit card. No commitment. Cancel anytime.

Setup

Zero IT integration

Staff BCC emails to a scan address. No firewall changes, no software install.

What you get

Full threat intelligence

Real-time verdicts + end-of-pilot report with threat landscape analysis.

Ready to start?

Email us or visit the full case study for a live detection demo.

Email: info@gotsuss.com

Case study: gotsuss.ai/case-study/sdsu

Web: gotsuss.ai