PanicStation.org
UK USA
uk Money & financial emergencies supplier bank details changed • invoice bank change email • pay by wire only request • pay by crypto request • urgent invoice payment pressure • accounts payable scam • mandate fraud • invoice diversion scam • business email compromise • vendor impersonation • spoofed supplier email • payment instructions changed • new bank account for supplier • invoice payment to new account • crypto invoice settlement • fraudulent invoice concern • supplier email hacked • bank transfer recall uk • verify supplier bank details • wire transfer scam warning

What to do if…
a supplier insists you must pay an invoice by wire or crypto because “bank details changed”

Short answer

Pause the payment and verify the change using a trusted contact method you already had for the supplier (not the details in the message). If you’ve already paid, contact your bank immediately and report it as suspected fraud.

Do not do these things

  • Do not pay to new wire details or a crypto address just because you’re being chased for urgent payment.
  • Do not “verify” using the phone number, link, or email address inside the change request.
  • Do not reply in the same email thread to confirm new payment details (assume the thread may be compromised until proven otherwise).
  • Do not approve a new payee or change saved beneficiary details while you feel rushed or pressured.
  • Do not share banking credentials, one-time passcodes, or approve unexpected prompts for someone who contacted you first.
  • Do not delete emails, invoices, attachments, or chat logs.

What to do now

  1. Put a hold on the invoice internally. Mark it “verification pending” and tell anyone who can release payments that nothing is to be paid until bank details are verified.
  2. Verify the supplier using “known-good” details you already had. Use a phone number or portal you previously used successfully (your vendor master record, contract, last paid invoice on file, or the supplier’s official website you navigate to yourself). Avoid any contact details provided in the change request.
  3. Ask verification questions that don’t rely on the suspicious message. For example:
    • “Did you change bank details and why?”
    • “What are the last 4 digits (or other partial identifier) of the bank account we previously paid?”
    • “Please confirm the invoice number, amount, and PO/reference without me prompting.”
  4. Treat “wire or crypto only” as a red flag unless it matches your contract and history. If you’ve never paid them by crypto before, don’t switch under pressure.
  5. Cross-check against your records before setting up any new payee. Compare the “new” details to your vendor master file and prior remittance details. If anything is different or undocumented, keep the payment on hold.
  6. If your bank shows a payee-name match warning when you set up/alter the payee, stop. Do not proceed if the name doesn’t match, partially matches, or you get a warning you can’t explain.
  7. Require a formal change process (not “please update today” by email). Use your established vendor-change controls (a separate confirmation step, a second-person approval, and an out-of-band call-back using known-good contact info).
  8. If you think the supplier’s email is compromised, warn them safely. Tell the supplier (via known-good contact details) that you received a bank-change/payment-method demand and they should check finance contacts and mailbox security.
  9. If you have already sent money: act immediately.
    • Call your bank’s fraud team straight away and ask them to try to recover/recall the payment and to contact the receiving bank urgently. Outcomes vary by payment type and timing, but speed matters.
    • If you sent crypto, contact the platform/exchange you used immediately and report suspected fraud. Crypto transfers are typically hard to reverse, so rapid reporting and evidence preservation matter.
  10. Report it (even if you didn’t lose money).
  • England, Wales, Northern Ireland: report to Report Fraud.
  • Scotland: report to Police Scotland (101).
  • Forward suspicious emails to report@phishing.gov.uk and forward scam texts to 7726 (free).
  1. Preserve evidence in one bundle. Save the invoice, the change request, sender details, any bank details/crypto address, dates/times, who approved what, and screenshots of payment screens (without exposing passwords).

What can wait

  • Deciding whether to keep using the supplier or renegotiate terms.
  • Arguing over late fees or service disruption threats (once you’ve placed the hold and started verification).
  • Writing a full incident report; for now, preserve evidence and record the basics.
  • Any legal steps—those are later, after the urgent payment risk is contained.

Important reassurance

These “bank details changed” demands are a common way payments get diverted, and pausing to verify is a normal, responsible control. A legitimate supplier will usually understand a brief delay for verification.

Scope note

This is first-step guidance to prevent an irreversible payment mistake and to trigger the right immediate actions. Follow-up (supplier relationship, internal controls, insurance, legal recovery) can come after the situation is stable.

Important note

This is general information, not legal or financial advice. Bank processes and recovery options vary and are not guaranteed. When money may have been misdirected, acting quickly and using trusted contact routes is often the safest approach.

Additional Resources
Support us