Finance glossary

What is a payment redirection scam?

Bristol James
3 Min

A payment redirection scam is a type of fraud where cybercriminals deceive victims into making payments to fraudulent accounts.

Since the criminal impersonates a business or its employees via email, this form of payment redirection fraud is sometimes referred to as business email compromise (BEC).

Small and medium-sized businesses in Australia lost $91.6 million to these scams in 2023, with the FBI also calling BEC the $50 billion scam in a recent public service announcement.

How do payment direction scams work?

Here is a general overview of how payment direction scams work in practice.

Reconnaissance

Before the scam is carried out, malicious actors research the target. They will collect information on the company and its employees as well as its clients, vendors and other key stakeholders.

Impersonation

Based on the above, scammers craft fake but convincing emails that appear to come from trusted sources. In more elaborate schemes, the emails mimic the tone and communication style of the person involved.

Spoofed email addresses are also used where characters vary only slightly. For example, a “1” may be used in place of an “l”.

In business email compromise scams, emails may be sent from a legitimate email account that has already been compromised by the criminal.

Request

Fraudulent emails are then sent with a request that relates to money in some way. One email may request an urgent payment on an invoice, while another may ask HR to direct an employee’s salary to a different account.

Some criminals (who have been monitoring email communication for some time) will contact the target with an email similar to one the target may be expecting. The hope is that the target fails to notice discrepancies in email addresses, payment details or other verifiable information.

Redirection

Believing the suspicious email to be legitimate, the target then directs payment to the scammer’s account.

Warning signs of a payment redirection scam

To conclude, let’s take a look at a few of the red flags of a payment redirection scam and how to avoid them altogether.

Payment is requested to a new bank account number

Criminals often impersonate suppliers and will attach notes to fake invoices with new BSB and account numbers. Every other aspect of the invoice is identical, including the number, amount due and even the email address it was sent from.

Before making the payment, it is vital the employee verifies the request with the person who sent it (even if the person is known to them). This must be done with contact details the employee has sourced themselves.

PayID, multifactor authentication (MFA) and dual payment approval processes are three ways for businesses to send money securely.

A supplier reaches out claiming non-payment

When this happens, employees should refrain from complying until the payment history and prior emails have been analysed. Past invoices should be examined and bank details verified with the supplier.

Employees must also avoid acting hastily when prompted to rush a decision. The creation of a false sense of urgency is common in payment redirection scams.

A trusted colleague requests payment

Scammers often impersonate the CEO, CFO or some other notable staff member to gain the target’s trust.

To avoid this tactic, the employee must verbally verify the request with the individual in question – no matter who the sender may be or how convincing their message.

Employees should be extra weary if the person reaches out unexpectedly or on a platform they don’t typically use.

Summary:

  • In a payment redirection scam, scammers deceive employees into transferring funds to a fraudulent account. They do this via impersonation of trusted sources or in some cases, by email account compromise (BEC).
  • Payment redirection scams start with reconnaissance, where the criminal collects information on the target and those with whom they interact regularly. Sometimes elaborate attempts are made to impersonate a trusted source before a request is made and a payment redirected.
  • Some of the warning signs of a payment redirection scam include payment requests to new bank accounts, payment requests from high-level staff or emails from suppliers claiming non-payment. A combination of automatic and manual verification can help prevent these scams.

Related articles

Finance glossary

How to read a check

Reading a check may appear straightforward at first glance, but the various elements that comprise a check play a crucial role in …

Read more
Finance glossary

What are internal controls?

In finance, internal controls are processes that ensure and maintain the integrity of financial and accounting information. These controls foster accountability, safeguard …

Read more
Finance glossary

What is a hedging strategy?

A hedging strategy is a risk management strategy to avoid large financial statement losses due to investment fluctuations. Hedges work like an …

Read more

The new security standard for business payments

End-to-end B2B payment protection software to mitigate the risk of payment error, fraud and cyber-crime.