Supplier bank detail changes? Don’t get scammed
You're going through your emails and see a message from one of your regular suppliers:
“Hi, please note we’ve updated our banking details. All future payments should go to the new account below.”
Seems routine - but this is a common scam targeting small businesses.
What’s Really Happening?
Cybercriminals often hack supplier email accounts or use lookalike addresses to send fake bank updates. If you unknowingly pay into a fraudulent account, the funds are usually gone for good.
Real World Examples
Scenic Rim Council (QLD): Lost $92,000 in 2022 after paying a scammer posing as a supplier with “new” bank details.
Western Australian business (2023): Lost $200,000 in a similar supplier email fraud scam.
ASIC warnings: The Australian Securities and Investments Commission has repeatedly cautioned businesses about this scam, also known as business email compromise (BEC).
How to Protect Your Business
Verify changes in person or over the phone. Call your supplier using a known contact number - not the one in the email.
Train your staff. Make sure your team knows never to action bank account updates without verbal confirmation.
Slow down payments. It’s okay to delay processing while confirming details - better late than scammed.
Resources
Staying vigilant is important. We’ve included helpful resources below to support you in protecting your business from these types of scams:
Final Tip
Have a simple internal policy:
“No supplier banking details get changed without direct verbal confirmation.”
A quick phone call can protect your cashflow, your business and your peace of mind.
Disclaimer
This information is intended to be general in nature and is not personal financial advice. It does not take into account your objectives, financial situation or needs. Before acting on any information, you should consider the appropriateness of the information provided in relation to your own circumstances.
