Payment Redirection Fraud: Quietly Diverting Funds

What is Payment Redirection Fraud?

Payment redirection fraud, also known as invoice redirection or vendor payment fraud, is a targeted scam designed to exploit gaps in payment workflows. Fraudsters leverage impersonation, social engineering, and forged documentation to deceive organisations into transferring funds to fraudulent bank accounts.

Essentially, the attacker intercepts or falsifies payment processes. They often pose as trusted partners or suppliers requesting changes to bank account information. Victims unknowingly process these changes, diverting large sums of money to fraudster-controlled accounts.

Real-World Example

In 2024, Santander UK reported that payment redirection scams cost UK businesses more than £50 million. In one case, fraudsters impersonated a trusted supplier and requested a change to bank account details ahead of a scheduled payment. The request appeared legitimate and used urgent language to prompt action. The fraud attempt was prevented when the business independently verified the new payment details with the genuine supplier before transferring funds.

How Payment Redirection Fraud Works

Fraudsters exploit vulnerabilities in communication and verification workflows. Below is an illustration of how attackers manipulate payment frameworks:

Typical Fraud Workflow

  1. Impersonation: Fraudsters create convincing emails or fake accounts using supplier or executive details to request changes to payment instructions.
  2. Forgery of Documents: Attackers submit falsified invoices containing fraudulent payment details.
  3. Urgency and Secrecy: Victims are pressured into bypassing regular verification procedures.
  4. Payment Processing Mistakes: The unsuspecting finance team processes the request, sending funds directly into the fraudulent account.

Key Insight

Fraudsters often employ tactics such as business email compromise (BEC), using socially engineered emails to trick employees into executing transactions.

Common Payment Redirection Fraud Scenarios

Supplier Email Compromise

Fraudsters intercept supplier communications, updating payment details on real invoices to redirect funds.

Fake Invoice Submissions

Attackers create fabricated invoices bearing fraudulent account numbers, typically exploiting weak verification controls.

Executive Impersonation Fraud

Scammers use spoofed emails to impersonate senior executives, requesting emergency transfers from company accounts.

Phishing-Induced Payment Diversion

Fraudsters send phishing emails pretending to be trusted service providers, tricking companies into redirecting legitimate payments.

Reported Case

An international logistics firm reported losing £850,000 when their finance team fell victim to an executive fraud scenario caused by a spoofed executive email requesting urgent fund transfers

Key Red Flags and Behavioural Signals

Awareness of behavioural indicators can help organisations prevent fraud attempts from escalating.

Common Warning Signs

  • Unusual Payment Requests: Unjustified changes to recipient account details with little or no explanation.
  • Time Sensitivity: Emails marked as urgent demand accelerated processing, bypassing standard procedures.
  • Email Address Variations: Scammers use nearly identical domains to appear genuine, e.g., replacing "supplier.com" with "supllier.com".

Organisations should implement robust employee training to identify these red flags effectively, especially within their finance and accounts teams.

Detection and Monitoring Techniques

Proactive monitoring serves as a primary defence against payment diversion schemes. Employing technology-driven solutions can enhance fraud detection efforts.

Key Detection Practices

  • Transaction Monitoring: Analyse payment patterns for unusual deviations, such as sudden payments to new jurisdictions.
  • Cross-Validation Alerts: Notifications for unverified bank details help validate a request before funds are transferred.
  • Behavioural Analytics: Detect anomalies and social engineering tactics within payment workflows based on historical transaction data.

Tools incorporating behavioural verification also contribute to early detection, enhancing fraud oversight without disrupting operations.

Prevention & Controls

Organisations can minimise payment fraud risks by instituting strict internal controls and applying validation practices.

Core Preventive Measures

  1. Supplier Due Diligence

    Revalidate the authenticity of supplier bank account ownership whenever they request changes. Using services like LSEG World-Check One enables detailed background checks and third-party risk assessments, helping you assess suppliers' legitimacy while also meeting compliance regulations.
  2. Payment Authorisation Mechanisms

    Implement dual or multi-step approval processes for significant transfers to reduce risks. By integrating LSEG Risk Intelligence solutions, you can streamline decision-making workflows while ensuring higher levels of regulatory scrutiny.
  3. Cross-Channel Verification

    Confirm sensitive transactions through independent communication channels, such as call-backs, to ensure validity. LSEG Risk Intelligence solutions support cross-verification by triangulating supplier or client data in real-time globally, reducing reliance on a single transaction source.
  4. Bank Account Verification

    Using tools like LSEG Risk Intelligence's Global Account Verification (GAV) solution can assist in maintaining payment destination integrity and supporting fraud prevention efforts. GAV provides real-time verification of business and individual bank accounts across 25+ countries. It helps identify potential red flags, such as mismatches in name-and-account combinations, aiding in fraud detection and compliance processes.

Payment Redirection Fraud vs Authorised Push Payment Frauds

Payment redirection fraud is one category within the broader concept of authorised push payment (APP) fraud, differentiated by the diversion aspect.

  • APP Fraud Overview: Victims authorise payments after being manipulated by fraudsters.
  • Specific Case in Redirection Fraud: Focuses on diverting legitimate business transactions through falsified bank account changes or payment instructions.

Both fraud types exploit victims' reliance on instruction authenticity whilst relying heavily on psychological pressure.

Consequences of Payment Redirection Fraud

Financial Impact

Immediate losses from unauthorised payments could significantly strain organisational liquidity.

Reputational Damage

Repeated attacks signal a lack of adequate safeguards and erode stakeholder trust.

Operational Interruptions

Fraud investigations or disputes often burden departments and divert critical resources away from primary operational goals. Regulators may scrutinise organisations that fail to safeguard transactional processes adequately.

Conclusion: Building Resilience Against Payment Redirection Fraud

To navigate growing complexities surrounding payment security, organisations should harness insights from pioneering intelligence platforms. Fraud risks can never completely disappear but leveraging advanced detection and prevention solutions creates an environment of predictive assurance.

LSEG Risk Intelligence’s collaborative intelligence infrastructure aims to support financial institutions and companies globally by fostering systems that scale towards resilience.

FAQs

  • Payment redirection fraud, also known as payment diversion fraud, occurs when a fraudster manipulates an individual or organisation into sending a payment to a fraudulent account. This manipulation is typically achieved through deceptive communication methods like phishing emails or impersonation of trusted entities.

  • An example of payment diversion fraud is when an attacker impersonates a supplier and sends a legitimate-looking email requesting a change in their banking details. The unsuspecting victim then updates their records, and future payments are redirected to the fraudster’s account.

  • This fraud involves a fraudulent actor convincing a payer to transfer funds to an alternate account by providing fake instructions. Commonly, attackers impersonate a trusted business partner or internal employee, exploiting trust to make their requests appear credible.

  • Common scams include Business Email Compromise (BEC) attacks, invoice fraud, and phishing. For instance, fraudsters might falsify supplier invoices or intercept conversation threads to request payment redirection to their accounts.

  • Signs often include last-minute requests to update payment details, inconsistent communication styles, or emails from slightly modified familiar addresses. Lack of supporting documentation or pressure to act urgently is also an indicator.

  • Implementing multi-layered verification checks, such as validating payment requests directly with the requester, and using tools like Global Account Verification services, can help identify suspicious changes. Monitoring aberrant communications is also effective.

  • Prevention strategies include employee training on fraud awareness, enforcing two-factor authentication for payment changes, and utilising verification solutions that confirm the ownership of bank accounts before processing transactions.

  • Payment redirection fraud focuses on diverting payments via false instructions, while invoice fraud involves sending fake or altered invoices to demand payments for non-existent services. Both may overlap but target slightly different aspects of payment processes.

  • Yes, it is a subset of APP fraud, where schemes trick the payer into willingly sending funds to a fraudulent account under false pretences. Both leverage trust and persuasive tactics to succeed.

  • Business Email Compromise (BEC) attacks involve infiltrating or spoofing legitimate internal and external email communications. Fraudsters use these channels to request payment redirections under the guise of corporate authority or known suppliers.

  • Controls such as robust internal processes for verifying requests, use of account verification services, and mandatory validation of banking information with known contacts reduce the risk. Enhancing email security also mitigates threats.

  • Bank account verification confirms account details and ownership before funds are transferred. This not only prevents payments to invalid or fraudulent accounts but also ensures compliance with anti-fraud regulations.

  • Sectors with complex supply chains, high transaction velocities, or significant external partner interactions - like construction, real estate, and manufacturing - are often primary targets for this type of fraud.

  • Immediately inform your bank to initiate recovery, report the incident to local fraud authorities, and review your internal processes to prevent recurrence.

  • Employees should look for inconsistencies, verify requests through alternate channels, and always question urgency or changes in usual protocols when payment updates are requested. Training sessions tailored to recognise phishing and BEC tactics are invaluable.

Request details

Help & Support

Already a customer?

Office locations

Contact LSEG near you