Fake Vendor Payment Account Change Scam

How Fake Vendor Payment Account Change Scam Works

Overview: In this scam, fraudsters contact businesses pretending to be existing vendors or suppliers, informing them about a 'changed' bank account for future payments. The target is office staff responsible for accounts, purchase, or vendor management. This scam is dangerous because it hijacks existing trusted relationships to divert legitimate funds. How It Works: Attackers observe company-vendor relationships via email, LinkedIn, or website details. They then send a fake email or WhatsApp message from an address [ADDRESS_REDACTED]. The message informs the target that all future payments should go to a new bank account. The staff, believing the source to be genuine, updates their records and sends payments to the fraudster’s account. In some cases, urgent wording like 'audit compliance' or 'GST filing' is used to pressurise quick action. India Angle: Indian trading, manufacturing, and services firms in states like Tamil Nadu, Maharashtra, and Gujarat are vulnerable due to frequent vendor payments via NEFT, RTGS, or UPI. WhatsApp is commonly used for business communication, making it a prime attack vector. Real Examples: - An email claims: "Dear Sir, effective immediately, our account number has changed for this quarter. Please remit all future invoices to the below account for compliance purposes." - A WhatsApp message from a new number says: "Urgent: GST team has updated our payment account. Kindly update your records and confirm transfer." Red Flags: - Unexpected claim of bank account change by a supplier. - Urgent requests without prior discussion. - Contact from a new mobile number or unfamiliar email ID. - Pressure not to verify via phone or alternate channel. Protective Measures: Any vendor bank account change must be verified by calling the known vendor contact. Do not rely only on email or WhatsApp for such updates. Maintain a strict internal protocol for beneficiary changes, including supervisor approval. If Victimised: Reach out to the bank for recall or freeze, report the scam at 1930 and www.cybercrime.gov.in, and inform your vendor. Related Scams: 1. Executive impersonation payment requests. 2. Fake auditor or tax officer payment emails. 3. Employment offer letter deposit scams.

How This Scam Works — Detailed Explanation

In the Fake Vendor Payment Account Change Scam, fraudsters target businesses by pretending to be legitimate vendors or suppliers. They gather information about the company's existing vendor relationships through various online platforms like email, LinkedIn, and corporate websites. After identifying an unsuspecting finance or accounts team member, they initiate contact, often using spoofed emails or WhatsApp messages. This direct approach makes it seem like a routine communication when in fact, the scammer is setting the stage for a sophisticated con. These fraudsters research companies meticulously, which gives them insights into the language and behavior that is typical in vendor communication. Thus, their messages appear credible and convincing.

Once the initial contact is established, scammers deploy psychological tactics to create a sense of urgency and to induce compliance. They often inform targeted staff that there is a 'change' in bank account details due to 'bank regulations' or 'updating records.' Pressure tactics might include a demand for fast action, insisting that payments must be made to the new account immediately to avoid disruptions in service or product deliveries. Phrases like 'time is of the essence' are strategically used to prevent victims from thoroughly verifying the authenticity of the request. Additionally, scammers might advise victims against directly contacting the original vendor through known channels, creating further isolation from their established support systems.

As a result of this deception, victims unknowingly redirect payments into fake accounts, causing significant financial losses. For instance, imagine a small manufacturing firm that regularly collaborates with a supplier for raw materials. If they receive a fraudulent message using the vendor's branding—complete with fake bank details and a sense of urgency—lines could blur between real and fraudulent communications. Victims typically face a harrowing realization when they try to verify a supposedly completed transaction, only to discover that the funds are missing. Reports have shown that these scams collectively led to losses of over ₹150 crore across India last year, showcasing how deeply rooted and prevalent the issue is becoming in our economy.

According to the Ministry of Home Affairs (MHA) and RBI guidelines, such scams are categorized as serious fraud cases. CERT-In has even issued advisories urging businesses to be vigilant of unexpected changes to vendor payment details. Many victims, after realizing their hard-earned money has disappeared, find it devastating, and the path to recovery is not straightforward. Legal recourse can be complicated, and people often resort to reporting the crime but feel disappointed as recovery rates for such scams remain low. Awareness and proactive measures are crucial, making it necessary for businesses to educate their staff on recognizing and preventing these scams.

Identifying these scams involves spotting clear red flags amidst fraud attempts. Unplanned changes from familiar vendors regarding bank accounts should invoke skepticism along with any requests that come from unfamiliar contact numbers or emails. If the communication stresses urgency or requests not to confirm with known contacts, that's a significant signal of potential fraud. Other signs include spelling errors, strange formatting, or mismatched email address domains that don’t align with established vendor practices. By learning what distinguishes legitimate communications from fraudulent ones, businesses can protect themselves against this ever-evolving threat.

Visual Intelligence:

BharatSecure's AI has identified this as a used in scams targeting Indian users.

Who Does Fake Vendor Payment Account Change Scam Target?

General public across India

Red Flags — How to Identify Fake Vendor Payment Account Change Scam

• Unplanned changes to familiar vendor bank accounts
• Requests for payment sent from a new contact number or email
• Pressure to act quickly without normal verification
• Contact advises not to call known vendor number
• Spelling or formatting errors in communication

What To Do If You Encounter Fake Vendor Payment Account Change Scam

1. Report the incident immediately at 1930 or through cybercrime.gov.in to help authorities track the scam.
2. Verify the new payment details by contacting your vendor through their known contact number before making any payments.
3. Consult with your company’s finance or legal department about the suspicious communication and follow established protocols.
4. Document all communications related to the scam as evidence for reporting to banks and law enforcement.
5. Alert your bank about the potential fraud attempt so they can monitor for any unusual activities in your accounts.
6. Educate your team on this type of scam and conduct regular training sessions to improve awareness.

How to Report Fake Vendor Payment Account Change Scam in India

• Call 1930 — National Cyber Crime Helpline (24x7)
• File a complaint at cybercrime.gov.in
• Contact your bank immediately if money was lost
• Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What to do if I shared my OTP in a UPI scam?

Immediately contact your bank's helpline (SBI: 1800-11-1109, HDFC: 1800-202-6161) and request them to block your account. File a report with cybercrime at 1930 or cybercrime.gov.in.

How can I identify if the bank account change communication is a scam?

Look for unplanned changes in familiar vendor accounts, requests to act quickly, and advice against confirming with known contacts.

How do I report a vendor payment account change scam in India?

You can report the scam at 1930, file a complaint online at cybercrime.gov.in, and contact your bank to inform them about the fraud.

How can I recover money lost in this scam?

Contact your bank immediately to investigate the transaction, and file a police report as soon as possible. While recovery might be challenging, taking these steps is crucial.

Related Scams in India

• AI Deepfake CEO Fraud (BEC Scam)
• AI Deepfake Executive Authorization Scam
• AI Deepfake Voice Payroll Fraud
• AI Voice Clone Urgent Money Transfer Scam (General)
• AI Voice Cloning Emergency Scam (Familiar Person)

Verify Any Suspicious Message

Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.