UPI-Linked Business Payment Redirection Scam

Verdict: Suspicious | Risk Score: 9/10 | Severity: critical

Category: UPI, WhatsApp, Phishing

How UPI-Linked Business Payment Redirection Scam Works

Overview: The UPI-Linked Business Payment Redirection Scam manipulates Indian firms by tricking employees into changing supplier payment details to those controlled by scammers. This results in funds being transferred to fraudulent UPI accounts, causing huge losses for both payer and supplier, and disrupting vital supply chains.

How It Works: Hackers gain access to official company email accounts through phishing or malware, monitor ongoing vendor communications, and then send spoofed emails to the payments team instructing them to update UPI details for future vendor payments. The change is communicated as urgent, perhaps due to "bank issues," and is followed by calls or WhatsApp notes from fake vendor representatives. Funds are then siphoned immediately, often split across several UPI IDs.

India Angle: Familiarity with and trust in UPI are high in Indian business, and staff may not cross-verify changed payment details, especially for urgent orders. Large enterprises and fast-moving consumer goods (FMCG) sectors in Mumbai, Delhi, and Gujarat are frequent targets.

Real Examples: An accounts officer at a Pune textile firm receives an email from a vendor's address [ADDRESS_REDACTED]order. Payment is made, but the real vendor never receives the money.

Red Flags:

  1. Sudden request to update vendor UPI or account details.
  2. Slight spelling errors in sender email/UPI ID.
  3. Pressure to confirm update quickly.
  4. Follow-up via WhatsApp or call from new/unknown numbers.
  5. Lack of matching documentation from regular vendor contacts.

Protective Measures:

  • Cross-check any vendor payment detail change via an established contact number.
  • Implement a dual-approval policy for account/UPI changes.
  • Monitor for unauthorized access to business emails; change passwords regularly.

If Victimised:

  • Notify your bank instantly to try and recall the funds.
  • Report UPI fraud immediately via 1930, cybercrime.gov.in, or RBI complaint channels.
  • Inform the real vendor partner to halt further transactions.

Related Scams:

  1. Business invoice interception scams.
  2. UPI QR code phishing.
  3. Payroll diversion via fake HR requests.

How This Scam Works — Detailed Explanation

The UPI-Linked Business Payment Redirection Scam begins with scammers targeting Indian companies through established channels like email. They often use phishing tactics to gain unauthorized access to email accounts of finance or procurement personnel. Once inside, these cybercriminals diligently monitor ongoing communication with suppliers. They take advantage of the ubiquity of UPI in India to manipulate payment processes, posing as vendors by altering payment details. This often involves creating fake UPI accounts that appear legitimate at first glance, leveraging platforms like WhatsApp to communicate with employees, and capitalizing on the ease of digital transactions in a UPI-centric economy.

Psychologically, these scammers exploit the trust inherent in business relationships. Their tactics include crafting emails that mimic the official tone of a supplier's communications, using urgency to persuade employees to act quickly without verifying the requests. They create sophisticated spoofed email addresses that look almost identical to the genuine ones, often using minor typos or domain alterations that could easily go unnoticed. Additionally, scammers might employ tactics such as calling employees from unrecognized numbers to follow up on these requests, adding to the pressure. The combination of urgency and false authority can cause employees to overlook common sense, leading them to make hasty decisions that facilitate the scam.

Once an employee falls for the ruse and alters the supplier's UPI details, the payment is made to the scammer's account instead of the intended recipient. For instance, a recent case involved an Indian manufacturing firm that lost approximately ₹5 crore due to this type of scam when an employee updated the payment details based on a spoofed email. After transferring the funds, the scammers quickly transferred the money to several other accounts, making recovery nearly impossible. Victims often report feelings of betrayal and dismay, not only due to the financial loss but also because of the profound disruption such scams can cause to vendor relationships and supply chains.

The impact of these scams is dire, with estimates showing that India lost over ₹300 crore to business email compromise fraud in 2022 alone, impacting various sectors, including manufacturing, logistics, and information technology. Government entities like the Ministry of Home Affairs and the Reserve Bank of India have issued multiple advisories to warn companies about such threats. The CERT-In has also been actively monitoring these types of scams and has recommended robust cybersecurity practices to minimize risks. Overall, the implications are far-reaching, often affecting thousands of jobs and disrupting important business transactions in today’s digital economy.

To differentiate between a legitimate communication and a scam, one should look for specific red flags. If a request to update UPI or account details comes without prior notice, it's a strong indication of a potential scam. Examine the sender’s email for phishing-like errors, such as a mismatch in domain names. Additionally, if there is an unusual sense of urgency in confirming details, or if the contact details do not match your company's usual vendor communications, treat such requests with skepticism. Genuine communications typically have consistent contact information and defined processes for payment updates, so always verify changes with the suppliers directly before taking any action.
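
The checks described above can be applied mechanically to every payment-detail change request before it reaches an approver. The following is an added example, not part of the original advisory or any BharatSecure tooling; the vendor master record, domain, UPI ID, phone numbers and function names are all constructed for illustration. Because the scam often starts from a genuinely compromised mailbox, a change of payee details is held for call-back even when the sender domain is correct.

```python
import re

# Constructed vendor master: details the payer already holds, verified out of band.
VENDOR_MASTER = {
    "Shree Textiles": {"domain": "shreetextiles.example",
                       "upi": "shreetextiles@okbank",
                       "phones": {"+912055550100"}},
}
URGENCY = re.compile(r"\b(urgent|immediately|today|asap|bank issue)", re.I)

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot near-miss sender domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def review_change_request(vendor, sender, new_upi, body, followup_phone=None):
    """Return the red flags raised by one payment-detail change request."""
    rec = VENDOR_MASTER[vendor]
    flags = []
    domain = sender.rsplit("@", 1)[-1].lower()
    if domain != rec["domain"]:
        close = edit_distance(domain, rec["domain"]) <= 2
        flags.append("lookalike_sender_domain" if close else "unknown_sender_domain")
    if new_upi.lower() != rec["upi"]:
        flags.append("upi_differs_from_record")
    if URGENCY.search(body):
        flags.append("urgency_language")
    if followup_phone and followup_phone not in rec["phones"]:
        flags.append("followup_from_unknown_number")
    return flags

def decision(flags):
    """A changed payee is always held, even if the email itself looks genuine."""
    if "upi_differs_from_record" in flags:
        return "HOLD: call back on the number on record, second approver required"
    return "REVIEW" if flags else "OK"
```
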

Visual Intelligence:

BharatSecure's AI has identified this as a used in scams targeting Indian users.

Who Does UPI-Linked Business Payment Redirection Scam Target?

General public across India

Red Flags — How to Identify UPI-Linked Business Payment Redirection Scam

  • Requests to update supplier UPI/account details without prior notice
  • Phishing-like errors in sender’s address
  • Urgency to confirm change immediately
  • Follow-ups from unrecognized phone numbers
  • Mismatch between regular and new vendor contact

What To Do If You Encounter UPI-Linked Business Payment Redirection Scam

  1. Report the incident immediately at 1930 or cybercrime.gov.in.
  2. Contact your bank's customer service to block any unauthorized transactions.
  3. Inform your company's IT department to enhance email security measures.
  4. Verify all payment requests through direct contact with the supplier.
  5. Educate your team about recognizing phishing attempts and scams.
  6. Change all passwords for involved accounts to prevent further breaches.

How to Report UPI-Linked Business Payment Redirection Scam in India

  • Call 1930 — National Cyber Crime Helpline (24x7)
  • File a complaint at cybercrime.gov.in
  • Contact your bank immediately if money was lost
  • Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What to do if I shared my OTP in a UPI scam?
Immediately contact your bank’s customer service at SBI 1800-11-1109 or HDFC 1800-202-6161 to report the incident and block your account.

How can I identify a UPI-Linked Business Payment Redirection Scam?
Look for request changes in payment details that lack prior communication, along with inconsistencies in sender email addresses.

How do I report this type of scam in India?
You can report it at 1930 or file a complaint on cybercrime.gov.in. Additionally, inform your bank about the fraudulent activity.

How can I recover money or protect my accounts after this scam?
Contact your bank immediately to block suspicious transactions and change all related passwords. Follow up with the authorities for further investigation.
