French Police Warn Businesses After $380,000 Wire Scam: One Tweaked Bank Number, Money Gone

A single altered bank account number. Two convincing emails. And nearly $380,000 gone.

That’s the threat French police are flagging for businesses in Saône-et-Loire, a largely rural department in eastern France, after investigators reported a spike in “fake wire transfer orders”, a low-tech, high-pressure con that tricks accounting teams into sending real money to criminals.

The warning isn’t hypothetical. Local officials say the Saône-et-Loire departmental government itself was hit last month for about €350,000, roughly $380,000, underscoring how quickly a routine payment can turn into a major loss when scammers exploit urgency, authority, and confusion.

A familiar scam is surging again, and even local government got burned

France’s gendarmerie, national military police who handle law enforcement in many towns and rural areas, has circulated alerts in recent weeks about a resurgence of these wire-transfer scams targeting companies. The pitch is simple: fraud thrives when a payment request gets treated like paperwork instead of a red-flag event.

According to an institutional source cited by local media, Saône-et-Loire’s own departmental administration fell victim to a fake transfer order worth about $380,000. Investigators say that kind of target makes sense: organizations that move large sums, approve payments quickly, and operate under deadline pressure, month-end closes, vacations, peak workload, are the easiest to rush into a mistake.

Similar warnings have popped up in other parts of France, including Sarthe, where police have linked fake wire orders to related schemes like bogus advertising invoices. Different flavors, same goal: get paid by impersonating someone the victim already trusts.

How the con works: impersonation, pressure, and a “new” bank account

In France, the scam is often labeled “FOVI,” shorthand for fake wire transfer orders. In the U.S., it fits under the broader umbrella of business email compromise: criminals pose as a CEO, vendor, attorney, auditor, or bank contact and demand a “priority” payment.

The hook is psychological, not technical. The message often sounds authoritative, insists the matter is confidential, and pushes urgency, now, today, before close of business. The aim is to get an employee to bypass normal checks.

The most common move is a bank-account switch. In Europe, that means changing an IBAN (International Bank Account Number), the standard identifier used for cross-border and domestic transfers. A scammer claims a vendor has “updated banking details” and asks the company to pay the next invoice to a new account, one controlled by the fraudsters.

Once the money leaves, it can be routed through additional accounts fast, shrinking the odds of recovery by the hour.

The biggest vulnerability isn’t software, it’s the approval chain

Police emphasize that these scams succeed when internal controls break down: one person handling an urgent request alone, a two-step approval process that gets skipped, or a verbal instruction that overrides written policy.

Fraudsters can spoof email signatures, mimic branding, and even mask phone numbers. But the decisive moment is usually inside the organization, when someone feels cornered into acting quickly and quietly.

The “keep this secret” line is a major tell. It’s designed to stop the one thing that often kills the scam: a quick confirmation call to a known number.

What police want companies to do: verify out-of-band, write it down, split duties

The prevention advice is blunt and repeatable. First: verify unusual payment requests through an independent channel. Don’t reply to the email or call the number provided in the message. Instead, call a known contact using a number already saved in your system or confirm through an internal, pre-approved route.

Second: formalize the process. A workable policy spells out who can initiate a wire, who can approve it, and what triggers extra scrutiny, especially any change to vendor banking details, including IBAN information. The goal isn’t bureaucracy; it’s making it impossible for one person to push through an atypical payment alone.

Third: separate duties. When the same employee receives the request, updates the beneficiary, and approves the transfer, the risk concentrates in one place. Multi-step validation, paired with identity verification, makes the scam harder to pull off.

Police also urge training for accounting, finance, procurement, and executive assistants. Scammers study internal language, project names, and calendars. A prepared team is more likely to spot the pattern: excessive urgency, secrecy, unexplained banking changes, and small inconsistencies in formatting or tone.

If the money is already gone: call the bank immediately, preserve evidence, report it

If a fraudulent transfer is discovered, the first move is speed: notify the bank immediately and try to recall the funds. The longer the delay, the more likely the money has already been moved.

Next, preserve evidence, emails (including full headers), attachments, call logs, message threads, documents, and any record of changed banking details. Those details can help investigators trace the scheme and help the organization understand how the approval process failed.

Finally, contact law enforcement and file a complaint. Police say reports matter even when an attempt fails, because they help map tactics, timing, and targeted sectors.

Why small and mid-sized businesses are prime targets

The gendarmerie’s alert is aimed broadly at businesses, but it’s especially relevant for small and mid-sized firms where finance functions are handled by a lean team juggling vendors, cash management, and administrative work.

In that environment, a last-minute “CEO request” can sound plausible, especially if leadership is hands-on and urgent asks are common. That’s why police are pushing a non-negotiable rule: any exceptional payment request gets verified out-of-band, even if it appears to come from the top.

The broader message is one American companies know well: you can’t “tech” your way out of every fraud attempt. But you can make the scam harder to execute, by slowing down the right moments, forcing a second set of eyes, and treating banking-detail changes as a high-risk event, not a routine update.