Recall a BEC Invoice Payment and Clean the Mailbox

    Two parallel jobs: chase the money and clean the mailbox the attacker is reading.

    What to do

      • Call your bank within the hour and request a recall on the wire — get the recall reference
      • Notify the supplier: they may also need to clean their own mailbox if the breach was their side
      • Remove any unknown forwarding rule, filter or sign-in session on your mailbox
      • Reset your email password and revoke OAuth tokens / app passwords
      • Report to the police and your insurer — BEC is usually a covered cyber-insurance event

    More from Financial Recovery

    No image

    Avoid Future Recovery and 'Refund' Scams

    Victim lists are sold and reused — assume more 'agents' will appear.
    No image

    Cut Off and Report a Recovery-Scam Contact

    Engagement is the product; ending the conversation is the win.
    No image

    Spot a Stolen-Funds 'Recovery' Scam

    Recovery-scam pitches all share the same red flags — confirm before doing anything.