This page describes a real fraud type affecting SWIFT wire transfer users. If you believe you have been targeted, do not send money and contact your bank immediately. Verify any SWIFT payment free using the UETR tracker at the bottom of this page.

Business Email Compromise (BEC) Wire Fraud

Business Email Compromise (BEC) — also called CEO fraud, invoice redirection fraud, or mandate fraud — is the costliest form of cyber-enabled fraud worldwide, accounting for over $10 billion in annual losses. Fraudsters compromise or impersonate a company's email system, then instruct the finance team to send a SWIFT wire to a new bank account controlled by the criminal. The money is usually moved overseas within hours.

How This Fraud Works

  1. The fraudster either hacks a genuine email account (e.g. a supplier's CFO or your CEO), or creates a lookalike domain (e.g. supplier.co vs supplier.com) to impersonate a trusted contact.
  2. They monitor email traffic to understand payment patterns, outstanding invoices, supplier relationships and senior personnel.
  3. At the right moment (often just before a large payment is due), they send an instruction to change the bank account details for a payment or instruct an urgent, confidential wire.
  4. The finance team, trusting the email from a known party, executes the SWIFT wire to the criminal's account.
  5. The funds are moved immediately to a secondary account overseas, often converted to cryptocurrency.

Red Flags — Warning Signs

How to Verify Before Acting

What To Do If You Are Targeted

Verify Any SWIFT Payment — Free in 30 Seconds

Paste the 36-character UETR from any MT103 or payment confirmation. If the payment is real, Ohmyfin shows the live SWIFT GPI status. If it's fake, it shows "not found". Free for individuals.

Track / Verify Payment

Frequently Asked Questions

What is Business Email Compromise?
BEC is a fraud where criminals impersonate a trusted party (executive, supplier, lawyer) via email to redirect a SWIFT wire to a criminal account. It's the #1 fraud type by financial loss globally, per FBI IC3 data.
Can a recalled BEC SWIFT wire be recovered?
Sometimes, if you act within hours. The SWIFT recall mechanism (MT n92 / camt.056) can stop a payment that has not yet been credited to the beneficiary account. Track the UETR on Ohmyfin first — if status is ACSP (in transit), an urgent recall has the best chance. ACSC means already credited — recovery then depends on the beneficiary bank and law enforcement.
How do I know which bank received the fraudulent wire?
The UETR on the payment confirmation (or from your bank's statement) will show you the beneficiary bank's BIC on Ohmyfin. You can then contact that bank directly to freeze the account.
Is BEC covered by cyber insurance?
Many cyber insurance policies cover BEC losses, but coverage depends on whether the insured followed required controls (e.g. callback verification). Review your policy and report the claim immediately.
How do I prevent BEC attacks?
Key controls: (1) Mandatory voice callback to a known number before any payment account change. (2) Dual approval for all international wires. (3) Email filtering and DMARC/SPF/DKIM authentication. (4) Staff training on phishing and social engineering.

Other SWIFT Fraud Warnings

View all 10 fraud warning guides →