That “Urgent Invoice” Email Your Accounts Payable Just Received? It Might Be a Scam.
How the Payment-Redirection Fraud Works and What to Do About It
Every day, small businesses across the country receive what looks like a perfectly normal email from someone they do business with — a supplier, a contractor, a property manager — requesting that an upcoming invoice be sent to a different bank account or a new wire-transfer address. The tone is usually calm, the request is marked “urgent,” and the email address looks almost exactly like the real person’s.
It’s not a glitch. It’s a scam, and it’s one of the most expensive cyber-attacks on small businesses, costing over $2.9 billion in 2024 alone according to the FBI’s Internet Crime Complaint Center.
The Pattern You’ll See Repeatedly
Here’s how the payment-redirection fraud typically plays out:
- Step 1 — The Setup (weeks or months earlier). A criminal compromises an employee’s email account, or spoofs a vendor’s domain so closely that it looks identical at a glance. Maybe they grab a few past invoices from a breached database. They learn your business’s rhythm.
- Step 2 — The Request (the email you’re holding right now). An email arrives saying something like:
  - “Hi, we’ve updated our banking details. Please update your records and send the next payment to our new account. Attached is a formal change-of-venue letter for your files.”
  - There’s often a PDF attached — an official-looking document with your vendor’s letterhead, a new routing number, and a sense of urgency. “We need payment by Friday or there will be a service interruption.”
- Step 3 — The Loss. If the request is followed without verification, the money disappears into offshore accounts within hours. Recovery is rare.
Why The Scam Works (And Why It’ll Keep Working)
This scam doesn’t hack your firewall. It hacks *trust*. It targets the most efficient part of your business: the routine tasks you’ve trusted your team with for years. An accounts-payable clerk has every reason to believe a request from a long-time vendor, especially one marked urgent with paperwork attached.
What You Can Actually Do About It
You don’t need fancy tools. You need one simple rule:
Verify any payment-change request through a known, independent channel. Not through a phone number in that email. Not through a link in that email. Pick up the phone and call the person or vendor at the number you *already have on file*. Ask them directly: “Did you send me a banking-change request?”
If you can’t reach them, don’t pay!
Practical Steps to Avoid Finance Fraud
- Require dual approval for any change to vendor banking information, even if it’s just a quick text or Slack message to a second person on your team.
- Flag “urgent” financial emails for extra scrutiny. Urgency is the scammer’s best friend because it short-circuits your natural skepticism.
- Keep a master list of your vendors’ verified banking details and update it only in person or by phone. Never email banking changes.
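If your mail system can run a script over incoming messages, the "extra scrutiny" flag can be automated. The sketch below is an added example, not part of the original article: it flags a sender domain that closely resembles, but does not exactly match, a domain on your verified vendor list, and flags banking-change wording combined with urgency. The vendor domains, keyword lists, similarity threshold and sample email are all constructed assumptions.

```python
import re
from difflib import SequenceMatcher
from email import message_from_string
from email.utils import parseaddr

# Assumption: domains taken from your verified vendor master list (constructed values).
KNOWN_VENDOR_DOMAINS = {"acme-supplies.example", "northside-property.example"}
URGENCY = re.compile(r"\b(urgent|immediately|asap|by friday|service interruption)\b", re.I)
BANK_CHANGE = re.compile(r"\b(banking details|new account|routing number|wire)\b", re.I)

# Constructed sample: the sender domain has "ii" where the real vendor has "li".
SAMPLE = """From: Billing <billing@acme-suppiies.example>
Subject: Urgent: updated banking details

Hi, we have updated our banking details. Please send the next payment to our
new account. We need payment by Friday or there will be a service interruption.
"""

def lookalike_of(domain, threshold=0.85):
    """Return the known vendor domain this one imitates, or None."""
    if domain in KNOWN_VENDOR_DOMAINS:
        return None  # exact match: the real vendor domain, not a lookalike
    for known in KNOWN_VENDOR_DOMAINS:
        if SequenceMatcher(None, domain, known).ratio() >= threshold:
            return known
    return None

def triage(raw_email):
    """Return a list of reasons this email needs out-of-band verification."""
    msg = message_from_string(raw_email)
    reasons = []
    sender = parseaddr(msg.get("From", ""))[1]
    domain = sender.rpartition("@")[2].lower()
    imitated = lookalike_of(domain)
    if imitated:
        reasons.append(f"sender domain {domain} resembles vendor {imitated}")
    text = f"{msg.get('Subject', '')}\n{msg.get_payload()}"
    if BANK_CHANGE.search(text):
        reasons.append("requests a banking or payment change")
        if URGENCY.search(text):
            reasons.append("uses urgency language")
    return reasons

if __name__ == "__main__":
    for reason in triage(SAMPLE):
        print("FLAG:", reason)
```

An empty result does not clear a message: a request sent from a vendor's genuinely compromised mailbox passes the domain check, which is why the phone call to the number on file stays mandatory.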
The Bottom Line
Payment-redirection scams don’t care how small your business is. If you send or receive payments electronically, you’re a target. The defense isn’t complicated — it’s a habit: verify, don’t trust.
If you want us to review your current payment verification process or run a quick check on your email setup for signs of compromise, reach out. We’ve helped dozens of businesses like yours lock this down without disrupting normal workflow.
Got questions? Contact Nieto Technology. We’ll walk through what this means for your specific setup — no jargon, no fear-mongering. Just honest help.



