Cybersecurity
Prevent Business Email Compromise and Invoice Fraud
A targeted playbook for reducing payment redirection scams, vendor impersonation, and fraudulent invoice approvals.
Verify vendor changes out-of-band
Bank detail changes are a common BEC objective.
Validate all payment-detail updates through known vendor channels.
Action checklist
- Call known vendor contacts from approved list.
- Require written confirmation from trusted domain.
- Hold first payment after account changes for secondary review.
Tune mail controls for impersonation risk
Impersonation warnings and external sender banners reduce click-through risk.
Apply anti-impersonation policies for executive and finance identities.
Action checklist
- Enable impersonation protection policies.
- Use external sender warnings for all inbound external mail.
- Flag lookalike domains proactively.
Build a rapid payment-fraud response
Early response can sometimes freeze or recover transfers.
Document immediate contact chains with bank and legal stakeholders.
Action checklist
- Maintain emergency bank fraud contact list.
- Define internal incident declaration triggers.
- Capture evidence and timeline for each suspected attempt.