Wire transfer fraud is one of the most lucrative and damaging forms of financial crimes affecting businesses worldwide. Scammers employ various deceptive techniques to manipulate company employees, breach security systems and ultimately transfer large sums of money to fraudulent accounts.
Understanding how these scams work is essential for businesses to safeguard their funds and prevent devastating losses. Scammers exploit weaknesses in corporate processes, human psychology and technological vulnerabilities to carry out fraudulent wire transfers. The most common methods include:
Business email compromise (BEC)
BEC scams involve cybercriminals hacking or spoofing company emails to impersonate executives or vendors. Here is how it typically unfolds:
The scammer gains access to or fakes an email account belonging to a senior executive, such as the CEO or CFO;
They send an email to the finance department, requesting an urgent wire transfer to a specified account, often claiming confidentiality or time sensitivity;
The unsuspecting employee processes the transfer, believing it to be a legitimate request; and
Once the money is wired, the scammer quickly transfers it through multiple accounts, often overseas, making recovery nearly impossible.
- Seed scammers on the prowl
- The dark side of social media platforms
- Tips to protect against social media scams
- Minister warns scammers impersonating his name
Keep Reading
Vendor or supplier fraud
Scammers may impersonate a legitimate supplier or service provider by either hacking their email account or creating a lookalike domain.
They then:
Inform the company that the supplier’s banking details have changed;
Provide new account details that belong to the scammer; and
When the company processes its next invoice payment, the money is wired directly to the fraudster’s account.
Account takeover
Some scammers gain direct access to company bank accounts by:
Stealing login credentials through phishing emails or malware;
Using keylogging software or other hacking techniques to obtain usernames and passwords; and
Logging into the account and initiating wire transfers to their own accounts.
Many account takeover scams succeed because businesses fail to implement strong multi-factor authentication (MFA) or regularly update their passwords.
Fake investment, acquisition scams
In some cases, fraudsters pretend to be investors, potential business partners or buyers interested in acquiring a company. They may:
Engage in prolonged discussions with the company’s executives;
Request a “good faith” wire transfer to secure the deal; and
Disappear once the funds are transferred.
This method often targets companies looking for expansion or funding opportunities.
Payroll diversion scams
In this type of fraud, scammers trick employees into updating their payroll details so that salaries are wired to the scammer’s account instead of the rightful employee. This can be done through:
Phishing emails that mimic HR departments;
Fake login portals that capture employee credentials; and
Direct impersonation of executives or HR personnel.
How scammers conceal money
Once the fraudulent transfer is successful, scammers take several steps to ensure the money is difficult to trace and recover. These include:
Using mule accounts: Criminals often recruit “money mules” who receive and transfer stolen funds on their behalf;
Layering transactions: The money is moved through multiple accounts, sometimes across different countries, to complicate tracking;
Cryptocurrency conversion: Fraudsters may convert stolen funds into cryptocurrency, making it harder for law enforcement to follow the trail; and
Shell companies: Some scammers use fake businesses to create the illusion of legitimacy, routing the stolen money through corporate accounts before withdrawing it.
Preventative measures
To protect against wire transfer fraud, companies should implement robust security measures, including:
Verify requests independently
Always confirm wire transfer requests by calling the sender using a known phone number; and
Avoid relying solely on email communications, especially for urgent or large transactions.
Multi-factor authentication (MFA)
Require MFA for all financial transactions and online banking access; and
Use biometric verification or authentication apps instead of just passwords.
Educate employees on cybersecurity
Conduct regular training on phishing, social engineering, and fraud prevention; and
Encourage employees to scrutinise email addresses and attachments before clicking links.
Monitor financial transactions
Set up alerts for unusual wire transfer activity; and
Require multiple approvals for high value transfers.
Secure email accounts
Use strong, unique passwords for email accounts and update them regularly; and
Enable encryption and two-factor authentication for company emails.
Vendor, supplier information audit
Verify any changes to vendor banking details through direct calls or face-to-face meetings; and
Maintain a list of authorised contacts for financial transactions.
What to do if victim to fraud
If a company realises it has sent money to a fraudulent account, immediate action is necessary:
Contact the bank — Request that the transaction be reversed or put on hold. Banks may be able to recover funds if the request is made quickly;
Report to the police — File a report with the local authorities and financial regulators;
Notify internal teams — Inform executives, IT security and finance departments to prevent further breaches; and
Review security protocols — Conduct a post-incident analysis to identify vulnerabilities and implement stronger controls.
Wire transfer fraud is a growing threat to businesses, with scammers using sophisticated tactics to deceive employees and exploit financial processes. Organisations must take proactive steps to secure their email communications, verify all transactions and educate staff about potential threats. By implementing stringent security measures and fostering a culture of awareness, businesses can significantly reduce the risk of falling victim to these costly scams.
- Mutisi is the CEO of Hansole Investments (Pvt) Ltd. He is the current chairperson of Zimbabwe Information & Communication Technology, a division of Zimbabwe Institution of Engineers. — +263772 278 161 or [email protected]
