Incident reporting

Report a business scam or invoice fraud incident

If a business payment may have gone to a scammer, speed matters. Banks and law enforcement have better chances when the incident is reported quickly.

This page is a practical reporting checklist for invoice fraud, BEC, vendor impersonation, and payment-change scams.

Run invoice check Read FAQ

Quick answer

Report internally and externally

Contact your bank immediately, preserve evidence, notify the impersonated vendor, report to FBI IC3 and FTC ReportFraud in the US, and forward phishing messages to APWG.

Free AP Fraud SOP Kit

Turn this check into an AP policy

Get the vendor bank-change policy, callback script, approval note, incident checklist, and hold triggers for your finance team.

Get the SOP kit Future paid: saved checks, audit log, PDF reports, team templates - $19/mo teaser.

First hour actions

Move quickly if funds may have moved.

  • Call your bank and request payment hold, recall, or fraud escalation.
  • Preserve email headers, attachments, invoices, payment records, and approval logs.
  • Notify finance leadership, IT/security, legal, and cyber insurance contacts.
  • Call the impersonated vendor through trusted records.

External report links

These are common US reporting routes.

  • FBI IC3: ic3.gov
  • FTC ReportFraud: reportfraud.ftc.gov
  • APWG phishing report: reportphishing@apwg.org
  • Your bank's fraud department or wire recall desk.

Reporting FAQ

Should I wait until fraud is confirmed?

No. If money moved or credentials may be compromised, contact your bank and internal security team immediately while evidence is fresh.

What evidence should I keep?

Keep raw email headers, attachments, chat logs, invoices, payment confirmations, bank details, domains, phone numbers, and approval history.