High riskBank & Payment Scams

Invoice Redirection Scam

In this scam, fraudsters posing as a supplier or contractor email that their bank details have changed, so your next invoice payment is diverted to the scammer's account instead of the genuine business.

Quick verdict

Risk level

High risk

Scam type

Mandate fraud / business payment diversion

Main red flag

An email says a supplier's bank details have changed for your next payment.

What to do first

Verify any bank-detail change by calling the supplier on a known, trusted number.

What this scam usually looks like

Example message pattern

Example pattern — not a real report

Example pattern: 'Please note our bank account has changed. Kindly update your records and send the outstanding invoice payment to the new account below.'

This is a fictional, anonymised example used to illustrate the pattern. It is not a verified real message, and any names are used only to show how the scam typically reads.

Red flags to watch for

An unexpected request to change a supplier's bank details
Email-only contact about the change
Slight differences in the sender's address
Pressure to pay an outstanding invoice quickly
New account details that do not match prior records

What to do

Verify any bank-detail change by phone using a known number
Confirm changes through a second, trusted channel
Set a policy that payment changes require verification
Be alert to look-alike email domains

If you already clicked or replied

If you paid the new account, contact your bank immediately to try to recall it
Alert the genuine supplier and confirm their real details
Report the fraud to your bank and authorities
Review email security, as your or the supplier's account may be compromised

What not to do

Do not change payment details on an email alone
Do not skip verification due to urgency
Do not assume a familiar logo means it is genuine

Similar scams

High risk Bank & Payment

Real Estate Wire Fraud Scam

During a property purchase, criminals who have gained access to a hacked estate agent, solicitor or title company email account send fake or 'updated' wiring instructions. The aim is to divert your deposit or closing funds into an account they control. Because the email appears to come from a trusted party at exactly the right moment in the transaction, these messages can be very convincing. Always verify any payment details by phone using a number you already know.

High risk Email

CEO Fraud Scam

CEO fraud, a form of business email compromise, involves a scammer pretending to be a senior leader and pressuring an employee to move money or buy gift cards quickly and quietly. The email often mimics the executive's name and writing style, claims they are busy or travelling, and stresses secrecy. Because it exploits authority and urgency, even careful staff can be caught out. Slowing down and verifying any unusual payment request through a known channel is the most reliable defence.

Medium risk Email

Fake Invoice Email Scam

This scam emails an invoice or receipt for something you did not buy, hoping you call a fake 'support' number or click a link to dispute it.

Frequently asked questions

How does invoice redirection work?

Fraudsters, sometimes after compromising an email account, send a 'bank details changed' message so your payment goes to them instead of the real supplier.

How do I verify a change safely?

Call the supplier on a number you already have, not one in the email, and confirm the change through a second trusted channel before paying.

I paid the new account. What now?

Contact your bank immediately to try to recall the payment, alert the genuine supplier, and report the fraud.

Whose email was hacked?

It could be yours or the supplier's. Review email security on both sides, and treat any payment-change request with extra caution.

Last reviewed: June 2026

Disclaimer: This page provides educational information only to help you recognise common scam patterns. It is not legal, financial, cybersecurity, or law enforcement advice, and it does not confirm whether any specific message, company, or person is genuine or fraudulent. When in doubt, contact the official organisation directly and report concerns to your local authorities.