Discovering you've paid a fraudulent invoice — or that someone has been impersonating your business — is stressful. Acting quickly gives you the best chance of limiting the damage. Here is what to do, in order.
If you've paid a fraudulent invoice — contact your bank immediately
Time is critical. Fraudsters move funds quickly, often through multiple accounts. The sooner your bank knows, the better the chance of stopping or recovering the payment.
Call your bank's fraud line directly — use the number on the back of your card or their official website, not a number from any email or invoice. Tell them you've been the victim of fraud and need to report an unauthorised payment. Ask them to raise a recall request.
Secure your accounts
If your email or invoicing account may have been compromised, change your passwords immediately — starting with your email account, since that's the master key to everything else. Then change passwords on your invoicing account, banking, and any other financial accounts.
Enable two-factor authentication on anything that doesn't already have it. Check your email account's recent login activity for unfamiliar devices or locations. If you see any, remove them.
If you use the same password anywhere else, change those too. Data from one breach is frequently used to access other accounts — this is called credential stuffing.
Report the fraud to the relevant authority
Reporting doesn't just help your own case — it helps authorities track patterns and protect others. Report to:
- UK: Action Fraud at actionfraud.police.uk — the national reporting centre for fraud and cybercrime
- US: The FTC at reportfraud.ftc.gov and the FBI's IC3 at ic3.gov
- Australia: ReportCyber at cyber.gov.au and Scamwatch at scamwatch.gov.au
- Canada: The Canadian Anti-Fraud Centre at antifraudcentre-centreantifraude.ca
- New Zealand: CERT NZ at cert.govt.nz
If someone is impersonating your business — warn your clients
If you discover that fraudsters are sending fake invoices in your name or using your branding to deceive your clients, contact your clients directly and promptly. Use an email address and phone number they already know and trust.
Tell them clearly: what happened, what to look for, and that they should contact you directly if they receive anything unexpected. Giving them a specific way to verify genuine invoices from you — such as confirming by phone before paying anything above a certain amount — will help prevent anyone being caught out.
Understand how it happened so you can prevent it
Once the immediate situation is under control, work out how the fraud occurred. Common entry points include:
- A compromised email account — used to intercept or send emails in your name
- A phishing email you clicked — capturing your login credentials via a fake login page
- A reused or weak password — obtained from a previous data breach on another site
- A supplier whose systems were compromised — their email was used to send you a fraudulent invoice
Identifying the entry point lets you close it and tells you what else might have been exposed. If you're unsure, a local IT professional or your bank's fraud team can help you assess.
Keep records of everything
Save all the fraudulent emails, invoices, and any correspondence. Screenshot anything before deleting it. These records may be needed by your bank for the recall process, by the fraud reporting authority, and by your accountant if the loss affects your tax records.
If the amount is significant, consider taking legal advice — in some jurisdictions there may be civil options for pursuing recovery in addition to the criminal reporting process.
Act fast, report everything, then fix the gap.
The first call to your bank is the most important step. Everything after that is about containing the damage and making sure it doesn't happen again.
Invoicetastic Learn is general information only. It is not legal, tax, accounting, or financial advice, and Invoicetastic is not liable for decisions made from this content. Always check current rules with the relevant authority or a qualified professional.