Fake Bank Invoice Redirection Scam
Criminals impersonate a victim's bank and send fraudulent payment-instruction updates, redirecting business or personal wire transfers to attacker-controlled accounts.
Part of: Invoice Redirection Fraud
Last reviewed: 8 June 2026
Business email compromise targeting banks exploits the trust that businesses and individuals place in their financial institution. Scammers send emails appearing to come from the victim's bank, claiming the bank's account number or sort code has changed, that a payment needs to be rerouted for compliance reasons, or that a specific pending transfer must be reissued to a new account to avoid a processing delay.
Banks do occasionally update payment routing details — for example, after mergers or system migrations — and they do contact customers about pending transactions. Scammers leverage these real but rare events to craft invoices and payment-instruction emails that feel timely and authoritative.
The real bank will always communicate account-detail changes through authenticated channels such as the online banking portal or by letter. An email with new bank payment details and an urgent deadline is the defining signature of this fraud.
How this scam works on the Your Bank brand
A business receives an email apparently from its bank, signed by a named customer relationship manager. The email states that due to a system upgrade, the bank's direct payment processing account number has changed and that any pending wire transfers, including the payroll or supplier payment scheduled for this week, must be directed to the new account before the cutoff time.
The email is well-formatted, uses the bank's real logo and brand colours, and references the business's actual account number in the salutation (obtained from a data breach or public filing). The new account details belong to a scammer. Once the transfer is made, the funds are moved through multiple accounts and withdrawn internationally.
A personal variant targets homebuyers: a fake bank email instructs the buyer to transfer the property down payment to a 'new escrow account number' due to a banking partner change, which is timed to arrive in the frantic final days before completion when the buyer is already stressed and moving quickly.
Common red flags
- Your bank has changed its payment account details via email with an urgent deadline — verify this directly through the bank's app or a branch call.
- The email does not appear in the bank's secure message centre when you log in.
- The new account number or sort code belongs to a personal account rather than a corporate banking entity.
- The email arrived just before a scheduled large payment, creating maximum urgency.
- The bank 'contact' who signed the email cannot be verified through the bank's public staff directory.
- The email address has a subtle variation from the bank's real domain.
- Any request to change payment instructions arrives by email only — with no corresponding letter or portal notification.
How to protect yourself
- Call your bank on the number printed on your bank card or statement — never a number provided in the email.
- Log in to your bank's online portal and check the secure message centre for any official payment-change notices.
- Apply a dual-authorisation policy for any change to bank payment details: one person requests, another verifies by phone.
- For property transactions, call your conveyancer or solicitor directly to verify any last-minute account changes.
- Check that the destination account name matches your bank or beneficiary's legal name before every large transfer.
How to report it
- Contact your bank's fraud team immediately if you have sent funds to the wrong account — speed dramatically improves recovery chances.
- Report to Action Fraud (UK) at actionfraud.police.uk or the FTC in the US at reportfraud.ftc.gov.
- File with ic3.gov.
- If a property transaction was targeted, notify your solicitor and the Land Registry.
- Report the sending email domain to the National Cyber Security Centre (UK) at report.ncsc.gov.uk.
Frequently asked questions
Do banks ever email customers to change payment account numbers?
Very rarely, and any legitimate change would also be communicated through your online banking portal, by letter, and with a very long notice period — never with a 24-hour deadline.
I already sent the transfer. Can I get the money back?
Contact your bank's fraud line immediately — the sooner you report, the better the chance of a recall before the receiving bank processes the withdrawal. Banks have fraud-recall processes, but speed is everything.
What is the Confirmation of Payee service?
In the UK, Confirmation of Payee checks whether the account name matches the name you entered. If it does not match, you receive a warning before the transfer completes. This service catches many invoice-redirection attacks.