Cross-border payment fraud is a growing global threat. This page provides authoritative guidance on recognising, avoiding, and reporting fraudulent SWIFT payment schemes, including fake MT103 documents, fraudulent pacs.008 messages, and payment recall scams.
If you suspect you are a victim of payment fraud, contact your bank immediately. Time is critical.
An MT103 (SWIFT customer credit transfer) and its ISO 20022 equivalent pacs.008 are standardised banking messages used to instruct the transfer of funds between financial institutions. They are not proof that money has been sent or received.
Critical fact: An MT103 or pacs.008 document is a payment instruction, not a receipt of payment. It does NOT guarantee that funds have been sent, are in transit, or will arrive in your account. Only your own bank can confirm receipt of funds.
Scammers create convincing forgeries of MT103 or pacs.008 documents and present them to victims as “proof” that a large sum of money has been sent to them. The documents typically contain:
The victim is then asked to release goods, provide services, pay “processing fees”, or transfer money — all before any real funds arrive.
Verification tip: You can verify whether a UETR exists on the SWIFT GPI network using our free tracking tool. If the UETR cannot be found, the document is almost certainly fraudulent. However, even a valid UETR does not confirm that funds will reach your account — only your bank can confirm that.
Scammers claim that an “MT103/23” is a special “conditional” SWIFT transfer where funds are held by the beneficiary’s bank until certain documents are provided or conditions are met.
There is no such thing as a conditional MT103. Field 23 (now 23E) in the MT103 message format contains only basic instruction codes such as “SDVA” (same-day value). It cannot impose conditions on the release of funds. Banks process MT103 messages for immediate settlement.
Victims are told that millions of dollars have been sent via an “MT103/202 manual download” with a UETR code. The funds are said to be “blocked” in the SWIFT network and require “manual release” or “download” for a fee.
“Manual download” is not a legitimate banking or SWIFT term. SWIFT messages are processed electronically. Money cannot be “held” in the SWIFT network. If someone asks you to pay fees to release stuck funds, it is a scam.
Victims are promised large incoming wire transfers (often for inheritance, contracts, or loans). Before the payment “arrives”, they must pay multiple rounds of fees labelled as “SWIFT taxes”, “compliance fees”, “unlock charges”, or “insurance costs”.
Legitimate wire transfers never require the recipient to pay fees to receive incoming funds. Bank charges for international transfers are deducted from the transfer amount or charged to the sender. If someone asks you to pay fees before you receive money, it is advance fee fraud.
The victim receives a genuine wire transfer and is told they can keep a percentage if they forward the remainder to specified accounts.
This is money laundering. The funds are stolen. When authorities trace the theft, the victim faces criminal liability and must repay the full amount. Acting as a “money mule” carries serious criminal penalties in most jurisdictions.
Scammers reference “server-to-server SWIFT transfers”, “ledger-to-ledger” movements, “KTT wire transfers”, or “IP/IP transfers” as special high-value transfer mechanisms.
None of these terms exist in legitimate banking or SWIFT operations. Any transaction described using these terms is fraudulent. There are no special “hidden” transfer mechanisms within the banking system.
Payment recall fraud exploits misunderstandings about how SWIFT payment reversals work. Here is what you need to know:
Key fact: Once funds are credited to your account and the recall window has passed, only a court order or regulatory authority can compel a return of funds. Your bank will always contact you directly through official channels if a recall request is received.
| Red Flag | What to Look For |
|---|---|
| Fake banking terminology | “Manual download”, “conditional SWIFT”, “MT103/23”, “server-to-server”, “ledger-to-ledger”, “KTT wire”, “IP/IP transfer” |
| Advance fees required | Any request to pay fees, taxes, insurance, or charges before receiving incoming funds |
| Documents via messaging apps | MT103 or pacs.008 documents received via email, WhatsApp, Telegram, or social media rather than from your bank directly |
| Pressure and urgency | Being pressured to release goods, services, or funds before payment is confirmed in your account |
| Unverifiable UETR | A UETR code that cannot be found on any legitimate tracking service, including ohmyfin.org |
| Unusually large amounts | Unsolicited offers involving millions of dollars from unknown sources (inheritance, contracts, lottery winnings) |
| Request to forward funds | Being asked to receive money and forward a portion to other accounts (money mule recruitment) |
| Contact via social media | Payment offers or business proposals initiated through social media, dating sites, or unsolicited messages |
If you believe you have been targeted by or are a victim of payment fraud, take the following steps immediately:
Call your bank’s fraud department immediately using the official number on your bank card or statement. Request a freeze on any relevant transactions and ask about recall procedures.
If you encounter websites impersonating Ohmyfin or misusing our brand, please report them to us at ohmyfin.org/contacts. We take reports of brand impersonation seriously and will pursue appropriate legal action.
Ohmyfin.org was established to provide free, independent SWIFT payment tracking to ordinary individuals and businesses worldwide. We believe that access to payment verification is a fundamental right that should not be restricted behind a paywall.
Our platform enables users to verify the existence and status of cross-border payments using UETR (Unique End-to-End Transaction Reference) codes on the SWIFT GPI network. As part of our commitment to fraud prevention, we provide tracking statistics that allow users to identify suspicious activity — for example, if a single UETR has been searched by an unusually large number of users, this may indicate that scammers are distributing it to multiple potential victims.
Ohmyfin.org is operated by Ohmyfin Organisation, a duly registered entity under the laws of the Republic of Panama, Company Number 687928532. Our corporate plans serve financial institutions and organisations requiring higher daily tracking volumes. View our plans.
It has come to our attention that certain third-party entities have deliberately and maliciously published false and defamatory statements identifying ohmyfin.org as a “fraudulent” or “scam” service. We categorically and unequivocally reject these baseless allegations in their entirety.
Ohmyfin.org is operated by Ohmyfin Organisation, a duly registered and fully compliant entity incorporated under the laws of the Republic of Panama. We have provided reliable, free-of-charge SWIFT payment tracking services to thousands of users across more than 80 countries since our establishment.
These false statements constitute actionable defamation under applicable law, causing material harm to our reputation, business operations, and the trust placed in us by our global user base. We note that such statements appear to be motivated by commercial rivalry rather than any legitimate concern for consumer protection.
We have formally instructed our legal counsel to pursue all available remedies, including but not limited to:
A formal cease-and-desist notice has been served upon the parties identified as the source of these defamatory publications. Any continued publication, reproduction, or dissemination of these false claims will be treated as wilful defamation and may result in aggravated proceedings.
This notice is published in accordance with our right to defend our legitimate business reputation. Ohmyfin Organisation reserves all legal rights under applicable international and domestic law.