Recognize

Money transfer fraud happens when a criminal poses as a senior executive and asks an employee to complete a financial transaction, like a confidential business investment or a payment to a vendor. Many times instructions include changing bank payment information for a legitimate invoice and funds are transferred to the criminal.

If you think your business has been impacted by a money transfer scam, we recommend that you act immediately by following our guidelines below, and then proceed to our ReportRecover and Reinforce sections for further assistance.

Some Immediate Action Steps to Take

  • Contact your financial institution immediately upon discovering the fraudulent transfer.
  • Request that your financial institution contacts the corresponding financial institution where the fraudulent transfer was sent.
  • Contact your local Federal Bureau of Investigation (FBI) office if the wire is recent. The FBI, working with the United States Department of Treasury Financial Crimes Enforcement Network, might be able to help return or freeze the funds.
  • File a complaint, regardless of dollar loss, with bec.ic3.gov.
  • Business Recovery Solutions: Find help with recovery by contacting one of our trusted partners.

Report

Recover

These resources have been gathered, selected and vetted to help simplify the process of recovering after a cybercrime incident has taken place. You may need to contact organizations outside Fraudsupport.org. Results will vary depending on your circumstances.

Reinforce

Once you have notified the appropriate organizations and you are on the road to recovery, it is time to reinforce your cybersecurity using these resources and tools.

Implement Preventative Measures

  • Establish procedures that require approval from a manager or financial officer to spend money.
  • Take time to verify all financial requests, even urgent ones.
  • Speak to the person requesting money on the phone or in-person before proceeding with any transfers. If contacting them by phone, use previously known phone numbers, not the number provided in the email.
  • Create email rules that flag emails with extensions that are similar to company email or where the “reply” email address is different from the “from” email address shown.
  • Download our Six Steps to Better Security PDF.
  • Learn how to understand and address cybersecurity risks with the Cybersecurity and Infrastructure Security Agency (CISA) Cyber Essentials Toolkits.

Community Resources