
Protect Your Business from Payment Redirection Scams


Cybersecurity Awareness Month


October is Cybersecurity Awareness Month, and it’s the perfect time to spotlight a growing threat to businesses of all sizes: Business Email Compromise (BEC) and Payment Redirection Scams.

What Happened?

One of our business members recently lost nearly $40,000 in a scam while purchasing a van. The scam began with legitimate email communication with the seller. After the member confirmed payment via check with the seller, the seller’s email address subtly changed, and a new message requested payment via ACH instead. Believing the request was authentic, the member complied, only to discover later that the email was fraudulent.

What Is a Payment Redirection Scam?

Payment redirection scams occur when cybercriminals impersonate trusted contacts, such as vendors, employees, or executives, and trick victims into sending payments to fraudulent accounts. The scams often involve:

  • Spoofed email addresses that look nearly identical to legitimate ones.
  • Urgent or last-minute requests for payment changes.
  • Fake invoices with updated banking details.
  • Compromised email accounts used to monitor and manipulate real conversations.

Red Flags to Watch For

  • Sudden changes in payment instructions.
  • Requests for secrecy or urgency.
  • Emails sent outside normal business hours.
  • Slight variations in email addresses (e.g., @vendor.com vs. @vemdor.com).

How to Protect Your Business

To safeguard your business from payment redirection scams, start by verifying any changes to payment instructions through a trusted channel, such as calling a known contact using a verified phone number, not one provided in the suspicious email. Implementing dual authorization for payments above a certain threshold adds an extra layer of protection and ensures no single person can authorize large payments without oversight.

Employee education is also key. Train your team to recognize phishing attempts, spoofed emails, and social engineering tactics. Encourage a culture of “trust but verify”, where it’s okay to slow down and double-check. Securing your email environment is equally important; use strong passwords, enable multi-factor authentication (MFA), and keep software up to date to prevent account takeovers.

Maintaining accurate vendor records can help reduce confusion and make it easier to spot fraudulent requests. Always confirm any changes in vendor contact details or payment preferences directly with the vendor. And finally, if you suspect fraud, act quickly. Contact us and law enforcement immediately. Prompt action can sometimes help recover lost funds.

Final Thoughts

Cybercriminals are constantly evolving their tactics, but with awareness and proactive measures, your business can stay protected. If something feels off, pause and verify. It could save your business thousands.

 

Visit the Business Resource Center for more cybersecurity resources for your business.