Spot Business Email Compromise and Invoice Fraud

    Trace whether the supplier's email was hacked or whether you were spoofed.

    What to do

      • Compare the sender's email header (Return-Path / Received) with previous legitimate emails — look for one-character lookalikes
      • Call the supplier on a phone number you already had — confirm whether they sent the changed bank details
      • Check your own mailbox for any new forwarding rules, hidden filters or 'mark as read' rules
      • Save the original email and any thread leading to the changed bank details

    More from Financial Recovery

    No image

    Avoid Future Recovery and 'Refund' Scams

    Victim lists are sold and reused — assume more 'agents' will appear.
    No image

    Cut Off and Report a Recovery-Scam Contact

    Engagement is the product; ending the conversation is the win.
    No image

    Spot a Stolen-Funds 'Recovery' Scam

    Recovery-scam pitches all share the same red flags — confirm before doing anything.