Beware the “change of banking details” email. It might be a fraudulent message.

In the past two months, two of our clients have been caught in the following scenario:

An overseas supplier has its email hacked. The hackers then write from an address that differs from the supplier’s by one character, a change that goes unnoticed by the importer receiving the message, and notify the supplier’s customers that it has new banking details. When the clients place their orders, they wire the money, but unfortunately to the fraudulent bank accounts set up by the criminals. By the time our clients and their vendors notice what has happened, the accounts are drained and the funds gone. Police reports can be filed, but there is little that can be done to recover the stolen funds or obtain reimbursement for them.

This appears to be a fairly prevalent scam in China that is gaining in popularity.

We spoke to a bank executive in supply chain finance who offered us the following advice:

A standard banking practice is to require an independent verification of new instructions. For example, when a relationship is established, a Corporate Resolution or other Corporate Document is requested listing the officers of the company permitted to provide payment instructions; there must be at least two. If “Mr. Smith” advises there are new banking instructions, a phone call (to a phone number found on the company’s website) is made to a different officer and a request is made of the second officer to confirm the new instructions. In the case of an overseas company, the request is made by email (only to a corporate domain address) to the second officer, and the reply must come from a corporate email address.

In addition, with an overseas company, many times it is required that “Mr. Smith” request his bank to provide the new instructions, and even with instructions coming from an overseas bank, it is still verified by forwarding the overseas bank’s email message to a different officer at the company and asking that they confirm the payment instructions are correct.

Many small foreign manufacturers do not have a corporate email domain of their own, which is how these spoofs happen to Gmail, Hotmail, Yahoo and other free email services. It’s a lot more difficult to spoof a domain that is owned by a company, but such domains are not as prevalent overseas as in the United States.

The takeaway here should be:  Before accepting a change of payment instructions from a vendor, validate this change through another means such as a direct conversation online, phone or fax.

In addition to what we have explained above, talk to your financial institution and insurance provider about their fraud protection practices and policies.  It’s not a layer that adds complexity; it’s a layer that adds protection.
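The one-character address change described above can be flagged automatically before a payment request reaches accounts payable. The following Python is an added example, not part of the original post; the vendor addresses, the `max_distance` threshold and all function names are constructed for illustration.

```python
import unicodedata

def normalize(addr):
    """Fold case and Unicode compatibility forms so they cannot hide a near match."""
    return unicodedata.normalize("NFKC", addr).strip().lower()

def edit_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap as 1."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            d = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                d = min(d, prev2[j - 2] + 1)  # swapped neighbours, e.g. "na" for "an"
            cur.append(d)
        prev2, prev = prev, cur
    return prev[-1]

def classify_sender(sender, vendor_addresses, max_distance=2):
    """Return (verdict, closest_vendor_address) for an incoming sender address."""
    s = normalize(sender)
    best, best_d = None, None
    for known in vendor_addresses:
        d = edit_distance(s, normalize(known))
        if best_d is None or d < best_d:
            best, best_d = known, d
    if best_d == 0:
        return ("known", best)
    if best_d is not None and best_d <= max_distance:
        return ("lookalike", best)  # almost a vendor address, but not quite
    return ("unknown", None)

def payment_change_action(sender, vendor_addresses):
    """Decide what to do with a 'new banking details' message."""
    verdict, match = classify_sender(sender, vendor_addresses)
    if verdict == "lookalike":
        return f"HOLD: {sender} imitates {match}; confirm by phone on a known number"
    if verdict == "known":
        # The real mailbox may itself be compromised, so a match is not approval.
        return "VERIFY: confirm with a second officer before changing bank details"
    return "HOLD: sender is not on the vendor list"

# Constructed vendor list: one corporate-domain and one free-mail contact.
VENDORS = ["orders@supplier.example", "wei.zhang.exports@freemail.example"]

if __name__ == "__main__":
    for frm in ("orders@supplier.example", "orders@suppIier.example",
                "wei.zhnag.exports@freemail.example"):
        print(frm, "->", payment_change_action(frm, VENDORS))
```

An exact match still returns `VERIFY` rather than approval, because in the scenario above the supplier's own mailbox was hacked first.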
