FightPhishing/ PUBLIC · THE BEAT
HomeThreat IntelFraud WatchScam Check
LIVE · 20 FEEDSv2026.04.21
Back to Fraud Watch

Business Email Compromise

Who's targeted: Business professionals and remote workers|
Reaches you via:email

If You See It

  • Verify payment requests by phone using a known number
  • Check the sender email domain character by character
  • Report to your IT security team

If You Clicked

  • !Contact your bank immediately to recall the wire transfer
  • !Notify your IT department
  • !Preserve all emails as evidence

If You Gave Info

  • Contact the FBI IC3 immediately
  • Work with your bank to attempt fund recovery
  • Report to your company's legal team

What This Looks Like

Fake Invoice from Vendor

Your accounts payable department receives an email that appears to be from a regular vendor: "Please note our banking information has changed. All future payments should be sent to the following new account..." The email matches the vendor's usual format.

Red Flags

  • Unexpected change in banking/payment details
  • May come from a look-alike email domain
  • Targets employees who handle payments
  • Often timed around regular payment cycles

Safe Response

Never update payment details based solely on an email. Call the vendor using a known phone number (not one from the email) to confirm any banking changes.