Payment Redirection Fraud
Scammers intercept legitimate payments by changing bank details. It's the fastest-growing payment scam in Australia, and it's almost impossible to recover from.
What is payment redirection fraud?
Payment redirection fraud happens when a scammer tricks your business into sending a legitimate payment to a bank account they control. The invoice looks real. The email looks real. The only thing that's different is the bank details, and by the time you notice, the money is gone.
It's also known as invoice fraud, mandate fraud, or supplier impersonation. It often works alongside business email compromise (BEC), where a scammer gains access to a real email account to make the request more convincing.
In Australia, payment redirection scams were the 3rd highest loss category in 2024, behind investment scams and romance scams. But for businesses, it's the #1 threat, because it targets the payments you're already planning to make.
How the scam works
Payment redirection fraud typically follows a predictable pattern. Understanding it is the first step to preventing it.
The scammer does their homework
They research your business, identify your suppliers, and learn your payment patterns. They may monitor compromised email accounts for weeks before acting, waiting for the right invoice.
They intercept or impersonate
Using a compromised email account (BEC), a spoofed email address, or a forged letter, the scammer contacts your accounts payable team with 'updated bank details' for a supplier you already pay.
Your team updates the records
The email looks legitimate. The ABN is correct. The invoice format matches previous ones. Your team updates the supplier's bank details in your system, trusting the request.
The payment goes to the wrong account
The next payment run sends money to the scammer's account. They withdraw immediately. By the time the real supplier calls asking where their payment is, the money is gone.
Warning signs to watch for
Most payment redirection attempts have tells, if you know what to look for.
Unexpected bank detail changes
A supplier you've paid for years suddenly sends new bank details via email.
Urgency or pressure
"Please update these details before the next payment run." Scammers create time pressure to skip verification.
Slightly different email address
john@supplier.com becomes john@suppIier.com (capital I instead of lowercase L). Easy to miss.
Changes to contact details
The email asks you to use a new phone number for confirmation, because the old one would reach the real supplier.
Unusual timing
Requests arrive just before a long weekend, public holiday, or end-of-month payment run.
Email thread hijacking
The scammer replies within a real email thread (from a compromised account), making the request look like a natural continuation of the conversation.
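The lookalike-address warning sign above can be checked mechanically before a bank-detail change request reaches accounts payable. The following Python is an added example, not ezyshield's code; the supplier directory, the sample addresses and the small confusables table are constructed for illustration.

```python
import unicodedata

# Constructed, deliberately small confusables table (not a complete list).
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("I", "l"), ("1", "l"), ("0", "o"),
               ("\u0430", "a"), ("\u0435", "e"), ("\u043e", "o")]  # Cyrillic a, e, o

def skeleton(domain):
    """Collapse visually confusable characters into one canonical form."""
    s = unicodedata.normalize("NFKC", domain)
    for fake, real in CONFUSABLES:  # runs before lower() so capital I maps to l
        s = s.replace(fake, real)
    return s.lower()

def edit_distance(a, b):
    """Levenshtein distance, to catch single-character typo domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(address, trusted_domains):
    """Return (verdict, matched_domain) for the sender's domain."""
    domain = address.rsplit("@", 1)[-1].strip()
    if domain.lower() in trusted_domains:
        return ("trusted", domain.lower())
    for known in sorted(trusted_domains):
        if skeleton(domain) == skeleton(known) or edit_distance(domain.lower(), known) <= 1:
            return ("lookalike", known)
    return ("unknown", None)

# Constructed supplier directory and sender addresses (assumptions for the demo).
TRUSTED = {"supplier.com", "acme-freight.com.au"}
SAMPLES = ["john@supplier.com", "john@suppIier.com", "accounts@supp1ier.com",
           "billing@acrne-freight.com.au", "jane@example.org"]

if __name__ == "__main__":
    for addr in SAMPLES:
        print(addr, "->", classify_sender(addr, TRUSTED))
```

A "trusted" verdict only means the domain matches a known supplier; it does not clear the request, because a hijacked thread comes from the supplier's real account.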
How ezyshield prevents payment redirection fraud
Every payment redirection scam succeeds because no one verified the bank details against the real owner. ezyshield makes that verification automatic.
Verify the person
Biometric identity verification confirms the real human behind the payment, not just a name on an email.
Fingerprint & re-verify
Every verified detail is fingerprinted. Any change triggers automatic re-verification. No payment leaves until confirmed.
Prove you checked
Tamper-proof audit trail proves you verified before you paid. Exportable evidence for audits, disputes, or insurance claims.
Related content
Business Email Compromise
BEC is the delivery mechanism behind most payment redirection attacks.
THREAT: Fake Invoice Scams
How fraudulent invoices slip through accounts payable processes.
PRODUCT: How ezyshield Works
Four layers of protection that stop fraud before money moves.
LEARN: Payment Fraud Prevention Guide
Complete guide to preventing payment fraud in Australia.
Don't wait until you've been redirected
Every payment your business makes is a potential target. ezyshield verifies before money moves.