This page describes a real fraud type affecting SWIFT wire transfer users. If you believe you have been targeted, do not send money and contact your bank immediately. Verify any SWIFT payment free using the UETR tracker at the bottom of this page.
IBAN Swap & Invoice Interception Fraud
IBAN swap fraud (also called invoice interception or mandate fraud) is a variant of BEC that specifically targets the beneficiary bank account details on an invoice or payment instruction. The fraudster intercepts an invoice in transit (either by hacking email, or by social engineering) and replaces the legitimate IBAN or bank account number with one they control — while leaving all other details (supplier name, invoice number, amount) intact.
How This Fraud Works
The fraudster either compromises a supplier's email account or impersonates the supplier using a lookalike domain.
They intercept a legitimate invoice or send a fraudulent replacement with the same invoice number and amount but a different IBAN.
The paying company sends the SWIFT wire to the criminal's account, believing they are paying the legitimate supplier.
The funds are moved quickly before the fraud is discovered. The genuine supplier then chases payment for the unpaid invoice, revealing the fraud.
Red Flags — Warning Signs
An invoice that changes bank details from a previously used account.
A "notification" email asking you to update supplier bank details in your system.
The new IBAN is in a different country from previous invoices.
The email requesting the change is slightly different from the usual contact address.
An unexpected "re-sent" invoice arriving just before a large payment is due.
How to Verify Before Acting
Call the supplier's finance team on a number from your records (not the invoice or email) to verbally confirm any new bank details before making payment.
Implement a policy requiring two contacts at two different phone numbers to confirm any supplier account change.
After sending the wire, paste the UETR into Ohmyfin to verify the funds are going to the correct correspondent bank.
The BIC on the Ohmyfin status screen should match the country and bank of the expected supplier.
What To Do If You Are Targeted
If you realise the IBAN was fraudulent BEFORE the wire settles: contact your bank immediately with the UETR for urgent recall.
Report to law enforcement: Action Fraud (UK), IC3 (US), Europol (EU).
Notify your genuine supplier so they can alert their own bank and email provider.
Review your supplier payment process and implement dual-authorisation for account changes.
Verify Any SWIFT Payment — Free in 30 Seconds
Paste the 36-character UETR from any MT103 or payment confirmation. If the payment is real, Ohmyfin shows the live SWIFT GPI status. If it's fake, it shows "not found". Free for individuals.
IBAN swap is a specific technique within the broader BEC category. All IBAN swap fraud is BEC, but not all BEC involves IBAN swap — some BEC involves an executive impersonation ordering a new wire to a completely new payee. IBAN swap specifically substitutes the account details on an existing legitimate invoice.
How do I verify the IBAN before paying?
For new or changed IBANs, always call the supplier on a phone number you have independently verified (from a previous correspondence, their official website, or a business card). Never trust a phone number provided in the same email that changed the IBAN.
Can I track a payment sent to a fraudulent IBAN on Ohmyfin?
Yes. Use the UETR from your bank's payment confirmation to track the wire on Ohmyfin. The BIC field will show you which bank received the funds — useful for law enforcement reporting and bank-to-bank recall requests.