Vendor Invoice Fraud via SWIFT Details Change — How to Identify & Stay Safe

INDIA — By BharatSecure Threat Intelligence Team · Updated May 29, 2026

Severity: HIGH | View Full Scam Details

Vendor Invoice Fraud via SWIFT Details Change in India 2026: Beware of This Rising Threat

Vendor invoice fraud using fake SWIFT details change is causing big financial losses for Indian businesses in 2026. This scam exploits email, WhatsApp, and UPI to trick companies into sending money to fraudsters’ accounts.

What Is the Vendor Invoice Fraud via SWIFT Details Change?

Vendor invoice fraud via SWIFT details change is a cybercrime where fraudsters intercept or monitor communication between a company and its suppliers, then replace legitimate bank details with fake SWIFT or UPI information. This tricks the company into transferring payments to the fraudsters’ accounts instead of the rightful vendor’s.

In India, this scam affects businesses of all sizes—from small suppliers to large corporates—especially those dealing with multiple vendors and frequent invoice payments. Since SWIFT transfers and UPI payments are common payment methods, scammers take advantage of both traditional banking and instant digital payments to defraud organizations.

The scam is increasingly reported in public complaints to cybercrime units and state police. CERT-In and I4C (Indian Cyber Crime Coordination Centre) have issued general advisories warning businesses to be vigilant about any sudden change in vendor banking details. The severity score remains high due to the significant financial and operational risks involved.

How This Scam Works — Step by Step

1. Information Gathering: Fraudsters begin by either hacking vendor email accounts or by social engineering employees within the target company. They aim to get details about ongoing payment transactions, vendor contacts, and invoice formats.

2. Fake SWIFT or UPI Details Sent: When a genuine invoice is due, scammers send an altered invoice by email or WhatsApp, showing new bank details or a different UPI ID (e.g., us**@bank instead of the official one). The numbers are often very similar to the legitimate account or phone numbers.

3. Impersonation of Authority: To increase trust, the fraudsters sometimes impersonate senior managers or the vendor’s representative, sending follow-up emails or WhatsApp messages urging prompt payment, often citing urgency or penalties for delayed payment.

4. Payment Transfer: The company accounts team, under pressure and without verifying the changes through trusted channels, releases payment to the fraudulent SWIFT account or transfers money using UPI to the fake ID.

5. Money Disappears: Once money is transferred, it is quickly moved around using multiple accounts or cash withdrawals. Due to the speed and the complexity of banking channels, recovery becomes very difficult.

6. Discovery: Payments are eventually noticed as unpaid by the legitimate supplier, triggering internal audits and police complaints.

Real Warning Signs to Watch For

• Sudden, unverified changes in vendor bank details or UPI IDs in invoices
• Payment instructions coming from new or unofficial WhatsApp numbers or emails closely resembling the real ones (e.g., 98XXXXXX12 vs 98XXXXXX13)
• Emails or messages demanding immediate or urgent payments, often citing penalties or discounts
• Lack of accompanying official communication through usual vendor contact channels (phone calls verified independently)
• Payment requests sent outside normal business hours or during holidays
• Vendor or senior manager impersonation, especially via WhatsApp messages showing profile photos or similar names
• Multiple invoices with slight variations in bank details within a short timeframe

What Happens to Victims

Victims of this scam often face severe financial losses since the transferred funds are hard to recover, especially when moved to accounts with weak KYC or quickly changed SIM cards. In India, UPI payment reversals are complex and time-sensitive, meaning once money is sent to a fraudulent ID, it may be nearly impossible to get it back.

Besides monetary loss, businesses suffer operational delays, disrupted vendor relationships, and reputational harm. The emotional impact on employees involved in payment processing can be high, with blame and stress mounting internally. In cases involving Aadhaar-based verifications for account changes, unauthorized use can cause further identity theft risks.

What RBI and CERT-In Say

The Reserve Bank of India (RBI) has issued guidelines urging businesses to implement multi-factor authentication before approving payment instructions, especially for vendor detail changes. RBI also reminds companies to monitor banking channels for suspicious transactions promptly.

CERT-In and I4C emphasize maintaining strict vendor verification policies and caution against relying solely on email or WhatsApp communication for payment instructions. Indian Cyber Crime Coordination Centre’s 1930 helpline is available for reporting such cyber fraud incidents.

The government encourages companies to report fraud promptly to cybercrime.gov.in and consult their banks to attempt transaction blocks where possible.

How to Protect Yourself

1. Verify Vendor Details Directly: Always confirm bank or UPI detail changes via a trusted phone number or in-person contact before making payments. Do not rely solely on email or WhatsApp messages.

2. Set Multi-Layer Approvals: Implement a multi-step approval process requiring different people to verify payment requests and vendor details.

3. Use Official Channels Only: Avoid accepting invoice details or payment instructions via personal WhatsApp; insist on official company email addresses and confirm through calls.

4. Monitor for Similar Phone Numbers: Watch out for slight variations in phone numbers or UPI IDs linked with suppliers.

5. Train Staff Regularly: Conduct awareness sessions for accounts and procurement teams about vendor fraud tactics like SWIFT detail changes.

6. Keep Incident Logs: Maintain records of all communications with vendors related to payments for auditing and investigation.

7. Use Bank Alerts: Opt for SMS or email alerts on high-value transactions to detect unauthorized transfers quickly.

What to Do If You've Been Targeted

• Immediately contact your bank to alert them and request a transaction hold or reversal if possible.
• Lodge a complaint with your local police cybercrime unit and file an FIR mentioning vendor invoice fraud.
• Report the incident on the official cybercrime portal at cybercrime.gov.in for coordinated response.
• Call the 1930 cybercrime helpline to seek guidance and report cyber fraud.
• Inform the legitimate vendor to avoid duplicate payments and clarify the situation.
• Secure your company email and communication channels by changing passwords and enabling two-factor authentication.
• Consult with legal or cybersecurity experts to plan recovery steps and prevent future attacks.

Frequently Asked Questions

Q: How can I differentiate a genuine vendor invoice from a fraudulent one?
Always verify any changes in payment details directly with your vendor using a known phone number or email—not by replying to the invoice message itself. Genuine vendors rarely ask for payment detail changes without prior written confirmation.

Q: Are UPI payments safe from vendor invoice fraud?
UPI itself is secure, but scammers exploit the ease of digital transfers by sending fake UPI IDs. Once money is transferred to a fraudulent ID, recovering funds is difficult, so verification before payment is crucial.

Q: Can banks reverse payments made to fraudulent accounts?
Banks in India may reverse payments only if fraud is reported promptly and under specific circumstances. Hence, reporting suspicious transactions early to your bank increases chances of recovery.

Protect your business by double-checking vendor requests and suspicious messages. When in doubt, verify details on BharatSecure.app and report suspicious activities right away to 1930.

Disclaimer: This article describes a pattern of fraud reported in public sources for public-safety awareness. It is not legal, financial, or medical advice. To request correction or removal of any content, write to hello@bharatsecure.app.