SWIFT Wire Diversion with BEC Email Spoofing

How SWIFT Wire Diversion with BEC Email Spoofing Works

Overview: This sophisticated scam targets Indian corporates, especially export-import companies and those with cross-border banking activity. The scam combines a technical attack on the SWIFT banking system with an email deception called Business Email Compromise (BEC). Scammers break into a bank’s SWIFT system to issue unauthorized wire transfers, then use fake emails posing as CEOs or financial controllers to trick company staff into approving or failing to question these transfers. Victims end up losing large sums to international fraudsters. It’s dangerous because even vigilant finance teams can be fooled by emails that appear genuine and urgent from their own management. High-value transactions are at risk, often routed overseas and difficult to recover. How It Works: Scammers first gain access to a bank’s SWIFT endpoint, often exploiting software vulnerabilities or phishing employees for login credentials. Once inside, they prepare fraudulent payment instructions for international wire transfers. Simultaneously, they launch a BEC campaign, sending urgent emails (sometimes appearing to come from real company executives) requesting that finance teams approve a high-value transfer to a new beneficiary. If the staff approves or doesn’t question the request, funds are wired abroad to mule accounts. Funds are usually routed through intermediaries in Hong Kong, Dubai, the UK, or China, making tracing difficult. India Angle: Indian corporates with international suppliers or clients are specifically targeted, especially those in Maharashtra, Tamil Nadu, and Delhi due to high export/import business. UPI is not involved, but the scam often strikes via business emails hosted on local domains. Many Indian private and public banks (including RBI) are on SWIFT, increasing potential targets. Finance professionals aged 30-55 are most at risk. Real Examples: A finance manager at a Chennai-based export firm receives an urgent email: “This is your MD. Approve wire transfer of $47,000 to new vendor account in Hong Kong for urgent shipment. Strictly confidential. Reply ASAP.” The email ID is a close copy of the real MD’s. Red Flags: - Sudden urgent wire requests, often from higher management email IDs - Requests to transfer funds to new overseas beneficiaries - Use of unusual phrases or pressure to keep communication confidential - Transfers routed through unfamiliar international banks Protective Measures: - Always verify requests for large or new overseas payments by calling the executive from a known number - Implement dual-control for wire approvals - Educate staff to scrutinize sender email IDs - Enforce SWIFT security updates and periodic audits If Victimised: Immediately notify your bank to attempt to halt the wire transfer. File complaints with the local cybercell, report on cybercrime.gov.in, and alert the RBI fraud portal. Call 1930 for rapid action. Related Scams: - Vendor Invoice Fraud (fake payment instructions for routine bills) - Payment Diversion via Phished Credentials

Visual Intelligence:

BharatSecure's AI has identified this as a used in scams targeting Indian users.

Who Does SWIFT Wire Diversion with BEC Email Spoofing Target?

General public across India

Red Flags — How to Identify SWIFT Wire Diversion with BEC Email Spoofing

• Urgent wire transfer requests from management emails
• Unfamiliar international beneficiary bank accounts
• Unusual insistence on secrecy or fast action
• Minor differences in sender email address
• Requests targeting finance staff on payroll days

What To Do If You Encounter SWIFT Wire Diversion with BEC Email Spoofing

1. Do not click any links or share personal information
2. Block and report the sender immediately
3. Report at cybercrime.gov.in or call 1930
4. Inform your bank if financial details were shared

How to Report SWIFT Wire Diversion with BEC Email Spoofing in India

• Call 1930 — National Cyber Crime Helpline (24x7)
• File a complaint at cybercrime.gov.in
• Contact your bank immediately if money was lost
• Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What is SWIFT Wire Diversion with BEC Email Spoofing?

Overview: This sophisticated scam targets Indian corporates, especially export-import companies and those with cross-border banking activity. The scam combines a technical attack on the SWIFT banking system with an email deception called Business Email Compromise (BEC). Scammers break into a bank’s SWIFT system to issue unauthorized wire transfers, then use fake emails posing as CEOs or financial controllers to trick company staff into approving or failing to question these transfers. Victims en

How does SWIFT Wire Diversion with BEC Email Spoofing work?

Overview: This sophisticated scam targets Indian corporates, especially export-import companies and those with cross-border banking activity. The scam combines a technical attack on the SWIFT banking system with an email deception called Business Email Compromise (BEC). Scammers break into a bank’s SWIFT system to issue unauthorized wire transfers, then use fake emails posing as CEOs or financial

How to protect yourself from SWIFT Wire Diversion with BEC Email Spoofing?

Do not click any links or share personal information Block and report the sender immediately Report at cybercrime.gov.in or call 1930 Inform your bank if financial details were shared

How to report SWIFT Wire Diversion with BEC Email Spoofing in India?

Report to cybercrime.gov.in or call 1930 (National Cyber Crime Helpline). You can also contact your local police station's cyber cell.

Verify Any Suspicious Message

Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.