How to protect yourself from UPI Payment Diversion BEC Variant?

Do not click any links or share personal information Block and report the sender immediately Report at cybercrime.gov.in or call 1930 Inform your bank if financial details were shared

UPI Payment Diversion BEC Variant

Verdict: Suspicious | Risk Score: 9/10 | Severity: critical

Category: UPI, WhatsApp, Phishing

How UPI Payment Diversion BEC Variant Works

Overview: The UPI Payment Diversion BEC variant is a cyber-enabled scam targeting Indian SMEs and professionals handling client payments. Fraudsters intercept email threads or spoof digital invoices, modifying the payment details to redirect UPI transfers to their controlled bank accounts. The scam’s threat lies in its speed—once a UPI transfer is made, recovery is difficult. How It Works: Criminals monitor business email traffic for pending payment requests. They either compromise the account or closely mimic the sender, sending a revised payment instruction featuring a QR code or different UPI ID. Recipients, trusting the familiar conversation, transfer the requested amount, which is rapidly withdrawn through a network of mule accounts. Sometimes, the scammer follows up with WhatsApp or SMS, reinforcing the bogus payment details. India Angle: The proliferation of UPI for business payments—especially in Bengaluru, Mumbai, and Delhi—has opened doors for BEC fraudsters. Chartered accountants, suppliers, and small business staff in tech-savvy urban regions are typical targets. The scam affects both Hindi and English speakers, with the fraudster switching languages for credibility. Real Examples: - Email: “For your payment convenience, please use our new UPI ID: [UPI_REDACTED]. Kindly confirm transfer of ₹8,50,000 by Friday.” - WhatsApp: “Hi, sent you the QR code on email for invoice #2321, please pay before 5 PM for uninterrupted service.” Red Flags: - Sudden change to new UPI IDs for old contacts - QR codes sent via unofficial channels - Demands for instant payment without prior notice - Accounts with unverified business names Protective Measures: - Always verify payment instructions by calling the official number on record - Refuse to process changes sent over WhatsApp or SMS only - Mandate dual verification for payments above ₹1 lakh - Cross-check business names linked to UPI IDs before sending money If Victimised: - Immediately contact your bank’s UPI dispute desk - Report to 1930 helpline and file a case on cybercrime.gov.in - Block compromised emails or numbers and inform vendors Related Scams: - QR Code Phishing: Tricks users into scanning malicious QR codes - UPI Collection Scam: Fraudulent requests using fake merchant IDs

Visual Intelligence:

BharatSecure's AI has identified this as a used in scams targeting Indian users.

Who Does UPI Payment Diversion BEC Variant Target?

General public across India

Red Flags — How to Identify UPI Payment Diversion BEC Variant

Unexpected change in UPI ID for regular payments
Pressure to scan QR codes from emails or unofficial channels
Unverified merchant names linked to payment requests
No prior discussion before new payment instructions

What To Do If You Encounter UPI Payment Diversion BEC Variant

Do not click any links or share personal information
Block and report the sender immediately
Report at cybercrime.gov.in or call 1930
Inform your bank if financial details were shared

How to Report UPI Payment Diversion BEC Variant in India

Call 1930 — National Cyber Crime Helpline (24x7)
File a complaint at cybercrime.gov.in
Contact your bank immediately if money was lost
Call RBI helpline: 14440 for banking fraud

Frequently Asked Questions

What is UPI Payment Diversion BEC Variant?: Overview: The UPI Payment Diversion BEC variant is a cyber-enabled scam targeting Indian SMEs and professionals handling client payments. Fraudsters intercept email threads or spoof digital invoices, modifying the payment details to redirect UPI transfers to their controlled bank accounts. The scam’s threat lies in its speed—once a UPI transfer is made, recovery is difficult. How It Works: Criminals monitor business email traffic for pending payment requests. They either compromise the account
How does UPI Payment Diversion BEC Variant work?: Overview: The UPI Payment Diversion BEC variant is a cyber-enabled scam targeting Indian SMEs and professionals handling client payments. Fraudsters intercept email threads or spoof digital invoices, modifying the payment details to redirect UPI transfers to their controlled bank accounts. The scam’s threat lies in its speed—once a UPI transfer is made, recovery is difficult. How It Works: Crimin
How to protect yourself from UPI Payment Diversion BEC Variant?: Do not click any links or share personal information Block and report the sender immediately Report at cybercrime.gov.in or call 1930 Inform your bank if financial details were shared
How to report UPI Payment Diversion BEC Variant in India?: Report to cybercrime.gov.in or call 1930 (National Cyber Crime Helpline). You can also contact your local police station's cyber cell.

Verify Any Suspicious Message

Check any suspicious message, link, or call for free at bharatsecure.app. BharatSecure uses AI to detect scams in real-time and protect Indian users.