Fintra Feature

The Bank-Change Signal That Stops BEC

Business email compromise almost always ends the same way: a vendor’s bank details are quietly changed and the next payment is redirected. Fintra makes a bank-account change a first-class risk signal - scaled by amount at risk and recency - and holds the payout for a human to confirm.

Talk to usFree to start - no card required.
Fintra · Payout Redirect Defense
SIGNAL
bank account changed
vs last payment
SCALED BY
$ at risk × recency
severity
ACTION
hold + confirm
before payout
Vendor bank last-4 changed since last payredirect risk - hold
Change happened days before paydayseverity raised
Large amount to changed accountseverity raised
Confirmed out-of-band by APreleased

Illustrative product view

How the attack works - and where it breaks

An attacker compromises an email thread, impersonates a known vendor, and sends “updated banking details.” Nothing about the invoice looks wrong; the amount and the vendor are legitimate. The single anomaly is that the payout account changed - and that is exactly the signal Fintra keys on, comparing the new account against the one used for the last payment to that vendor.

Hold, then confirm out of band

A flagged payout is held rather than blocked outright - the point is to force an out-of-band confirmation with the real vendor before money moves, then release it once verified. The whole event, and its resolution, is written to the Decision Ledger as evidence.

Frequently asked questions

What is payment redirect fraud?

It is the endgame of business email compromise: an attacker changes a legitimate vendor’s payout bank details so the next payment is redirected to them. The invoice looks normal; only the account changed.

How does Fintra detect it?

It compares each payout’s destination account against the account used for the last payment to that vendor and treats a change as a first-class risk signal, with severity scaled by the amount at risk and how recently the change occurred.

Does it block the payment?

It holds the payout and asks for out-of-band confirmation with the real vendor, rather than blocking outright, then releases it once verified - with the whole event logged.

Why can’t a bank catch this?

The bank only sees a valid transfer to a valid account. Fintra sees that the account changed relative to the vendor’s payment history, which is the actual tell.

Stay in the loop

One practical finance briefing a week - new guides, checklists, and benchmarks.

 

Put a decision - with proof - in front of every action

See how Fintra decides allow / step-up / hold / block per action and writes each verdict to a tamper-evident ledger.

Talk to us