How to protect yourself from Compromised Vendor Invoice Diversion Scam?

Do not click any links or share personal information Block and report the sender immediately Report at cybercrime.gov.in or call 1930 Inform your bank if financial details were shared

Compromised Vendor Invoice Diversion Scam

Verdict: Suspicious | Risk Score: 8/10 | Severity: high

Category: Phishing

How Compromised Vendor Invoice Diversion Scam Works

Overview: Fraudsters are increasingly targeting Indian companies by hacking into vendor email accounts and altering invoices. These compromised invoices redirect payments to bank accounts controlled by scammers, including those abroad. This scam is both clever and damaging because the emails often look like genuine ongoing vendor conversations, making even experienced accounts teams fall for the ruse. How It Works: Attackers first compromise a vendor’s email account (via phishing or malware). They monitor legitimate business conversations, often waiting for a large or routine invoice to be sent. The scammer then quietly edits the vendor’s invoice, changing the beneficiary bank details to their own (often with foreign bank accounts). The invoice is sent to the client (the Indian company) as usual, and payment is made to the wrong account. The legitimate vendor flags non-payment much later, usually after funds have left the country. India Angle: Indian mid-to-large enterprises are heavily impacted, especially those with multiple foreign and domestic vendors. Accounts/payroll teams in Mumbai, Ahmedabad, Pune, and major export hubs are regular targets. Multinational corporations and those with less mature cyber hygiene are especially at risk. Real Examples: An Ahmedabad exporter receives a quarterly payment request from its Chinese logistics partner (from a genuine email thread), but the bank details are subtly changed to a Hong Kong account. Payment is made but the vendor follows up weeks later for non-payment. Red Flags: - Unsolicited changes to regular beneficiary bank details - Invoices referencing old email threads but with minor formatting differences - Requests for payment to accounts in unexpected locations - Pressure to pay quickly to avoid penalties Protective Measures: - Always verify any changes to vendor bank details by direct phone confirmation - Maintain a register for approved beneficiary accounts - Educate staff to spot subtle invoice changes and cross-check email sender details - Use secure vendor portals for invoice exchange If Victimised: Notify your bank and attempt fund recall. File a cybercrime report on cybercrime.gov.in and inform your vendor to alert their bank. Document all correspondence. Related Scams: - Business Email Compromise (BEC) Invoice Frauds - Phished Payment Diversion Scams

Visual Intelligence:

BharatSecure's AI has identified this as a used in scams targeting Indian users.

Who Does Compromised Vendor Invoice Diversion Scam Target?

General public across India

Red Flags — How to Identify Compromised Vendor Invoice Diversion Scam

Sudden change in vendor bank details
Invoice received from expected email thread but with tweaks
Incoming payments asked for unfamiliar locations
Pressure to pay immediately

What To Do If You Encounter Compromised Vendor Invoice Diversion Scam

Do not click any links or share personal information
Block and report the sender immediately
Report at cybercrime.gov.in or call 1930
Inform your bank if financial details were shared

How to Report Compromised Vendor Invoice Diversion Scam in India

Call 1930 — National Cyber Crime Helpline (24x7)
File a complaint at cybercrime.gov.in
Contact your bank immediately if money was lost
Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What is Compromised Vendor Invoice Diversion Scam?: Overview: Fraudsters are increasingly targeting Indian companies by hacking into vendor email accounts and altering invoices. These compromised invoices redirect payments to bank accounts controlled by scammers, including those abroad. This scam is both clever and damaging because the emails often look like genuine ongoing vendor conversations, making even experienced accounts teams fall for the ruse. How It Works: Attackers first compromise a vendor’s email account (via phishing or malware). T
How does Compromised Vendor Invoice Diversion Scam work?: Overview: Fraudsters are increasingly targeting Indian companies by hacking into vendor email accounts and altering invoices. These compromised invoices redirect payments to bank accounts controlled by scammers, including those abroad. This scam is both clever and damaging because the emails often look like genuine ongoing vendor conversations, making even experienced accounts teams fall for the r
How to protect yourself from Compromised Vendor Invoice Diversion Scam?: Do not click any links or share personal information Block and report the sender immediately Report at cybercrime.gov.in or call 1930 Inform your bank if financial details were shared
How to report Compromised Vendor Invoice Diversion Scam in India?: Report to cybercrime.gov.in or call 1930 (National Cyber Crime Helpline). You can also contact your local police station's cyber cell.

Verify Any Suspicious Message

Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.