Fraud & Security

Fraud Centre

Resources and information about fraud for your Ebury accounts and beyond.

Resources and information about fraud for your Ebury accounts and beyond.

Report Fraud
What to do

What to do if you think you’re a victim of fraud

Report it

If you think you have fallen victim to fraud, email our Fraud Team and report it to your local law enforcement and/or fraud reporting agency.


Contact us

Verify it

Ebury will never ask you for personally identifiable information, or to confirm or deny payments via text message. If you’re not sure whether you’re speaking to an Ebury representative, contact the Ebury’s Fraud Team or your trusted relationship manager.

Contact us

Get support

You can also contact Ebury support directly via live chat in your Ebury web or mobile application.
Read more about what to do if you are a victim of fraud.

Read article
Are you unsure?

When in doubt, ask

If something feels off

If something feels off – an unexpected payment request, a strange email, a supplier acting out of character – pause and verify before you act. A two-minute phone call has saved many businesses six- and seven-figure losses.

If you spot something suspicious

If you spot suspicious activity on an Ebury payment, or you just want to double check or verify something, contact us at fraud@ebury.com.

Report Fraud
Fraud trends

How to keep your money 
safe and secure

Fraud tactics have evolved fast over the past few years. AI-generated voices, deepfaked executives, and increasingly convincing invoice fraud are now mainstream threats. 



At Ebury, we want our clients to stay ahead of the curve. Here are the trends we're seeing in 2026, plus practical steps to detect, prevent, and recover from the most common attacks.

Fraud tactics have evolved fast over the past few years. AI-generated voices, deepfaked executives, and increasingly convincing invoice fraud are now mainstream threats. 



At Ebury, we want our clients to stay ahead of the curve. Here are the trends we're seeing in 2026, plus practical steps to detect, prevent, and recover from the most common attacks.

Cryptocurrency scams

Learn more
AI-driven scams

Learn more
Invoice redirection

Learn more
Missing goods

Learn more

Cryptocurrency scams: still booming, now AI-powered

Investment fraud remains one of the most lucrative tactics for criminals, and crypto is still the vehicle of choice. What's changed is the polish: scammers now use AI-generated celebrity endorsements, deepfake video testimonials, and fake "trading platforms" that mirror real exchanges pixel-for-pixel.

Common variants include:

Investment fraud remains one of the most lucrative tactics for criminals, and crypto is still the vehicle of choice. What's changed is the polish: scammers now use AI-generated celebrity endorsements, deepfake video testimonials, and fake "trading platforms" that mirror real exchanges pixel-for-pixel.

Common variants include:

Pig-butchering scams

Long-running romance or "wrong number" chats that slowly steer victims into a fake investment platform.

Rug pulls

Promoters launch a token, pump the price, then drain liquidity and disappear.

Fake yield/staking platforms

Promise unrealistic returns; withdrawals are blocked once you deposit.

Remote-access wallet drains

The scammer asks you to install "support software" (AnyDesk, TeamViewer) to "help" set up a wallet.

Red flags to watch for:

A legitimate crypto investment always leaves the wallet in your sole control. If anyone else can move funds, walk away.

A legitimate crypto investment always leaves the wallet in your sole control. If anyone else can move funds, walk away.

Guaranteed or "risk-free" returns

Pressure to act quickly or invest more

A wallet or platform you don't fully control
Names not registered with the FCA (or your local regulator)
Report a Cryptocurrency scam

AI-driven scams: deepfakes, voice clones, and CEO fraud

This is the fastest-growing category we have seen lately. Generative AI has made impersonation cheap and scalable.

What to watch for:

This is the fastest-growing category we have seen lately. Generative AI has made impersonation cheap and scalable.

What to watch for:

Voice clones

A 10-second audio sample is enough to clone a familiar voice. Expect calls from "your CFO," "your child," or "your bank."

Deepfake video calls

Fraudsters have impersonated executives on live Zoom/Teams calls to authorise wire transfers


AI-written phishing

Flawless grammar, perfect tone-matching, often referencing real internal projects scraped from LinkedIn or leaked data.

Protect yourself by:

While AI scams are getting smarter, a little extra caution and a quick verification are all it takes to stay one step ahead and keep your information secure.

While AI scams are getting smarter, a little extra caution and a quick verification are all it takes to stay one step ahead and keep your information secure.

Agreeing on a verbal safe word with finance staff and family for unexpected money requests

Always call back on a known number before acting on urgent payment requests, never the number provided in the message

Treat "urgent + unusual + confidential" as the classic fraud signature
Don't rely on "it sounds like them" or "it looks like them"
– it will
Report an AI-driven scam

Invoice redirection & Business Email Compromise (BEC)

BEC is now the most financially damaging fraud category for businesses worldwide. The attack usually starts with a compromised mailbox somewhere in the supplier chain – often weeks before the fraud is triggered.

The typical pattern follows:

BEC is now the most financially damaging fraud category for businesses worldwide. The attack usually starts with a compromised mailbox somewhere in the supplier chain – often weeks before the fraud is triggered.

The typical pattern follows:

1.

Attacker quietly monitors a real email thread between you and a supplier.

2.

At the moment of invoicing, they spoof or hijack the conversation and send "updated bank details."


3.

Payment lands in the fraudster's account; the real supplier chases weeks later.


How to stop it:

It is important to never click on links or download attachments from unknown senders.

It is important to never click on links or download attachments from unknown senders.

Verify all bank-detail changes by phone on a previously known number - never one supplied in the email.

Be suspicious of last-minute urgency, especially around month-end or holidays.

Watch for lookalike domains (ebury-payments.com vs ebury.com, rn vs m, swapped TLDs).
Use payee verification / Confirmation of Payee where available.
Report compromised business email

Goods that never arrive scams

Fake B2B suppliers, often hosted on slick websites that vanish weeks later, collect international payments for electronics, machinery, or commodities, then go dark.

If you've been hit via an Ebury payment, contact us immediately at fraud@ebury.com and report to your local fraud authority (Action Fraud in the UK, your national CERT or police elsewhere).

Fake B2B suppliers, often hosted on slick websites that vanish weeks later, collect international payments for electronics, machinery, or commodities, then go dark.

If you've been hit via an Ebury payment, contact us immediately at fraud@ebury.com and report to your local fraud authority (Action Fraud in the UK, your national CERT or police elsewhere).

Report a Goods scam

‍Quick checks before paying a new supplier:

How old is the domain? (A WHOIS lookup takes 10 seconds.)


Are reviews genuine, or all posted in the same week?


Does the bank account sit in the same country as the supplier?


Is the price meaningfully below market?


Is the company actually registered where they claim?

How to spot APP fraud,
New Suppliers:

Search the supplier name + "scam" / "fraud" / "review"


Look for independent reviews, not just testimonials on their own site.

Ask: is this deal too good to be true?


Confirm the bank account country matches the supplier's country.



How to spot APP fraud, Existing suppliers:

Verify the sender's exact email address – spoofs often differ by one character.

Treat sudden urgency or last-minute bank-detail changes as a red flag – always call to confirm.

Question changes to bank accounts in different countries.

Watch invoices for subtle alterations in formatting, logos, or wording.


Checklist

Recovery checklist if you suspect compromise

If you suspect an account has been compromised, immediately change your password and any account sharing it, then report the incident internally and to fraud@ebury.com.

01
Revoke active sessions and connected apps



02
Remove suspicious forwarding rules, filters, and aliases


03
Check sent items for fraudulent messages



04
Reset security questions and recovery options


05
Enable / re-enable MFA on email and your EBO account




Fraud FAQ

Fraud & security tools

Explore topics on fraud and security from our Help Centre

Explore topics on fraud and security from our Help Centre

How to recognise possible fraud

Types of fraud, possible scenarios, red flags and what to do if you think you’ve fallen victim to fraud.

Learn more
How to protect yourself from phishing attacks

Even with strong spam filters, cybercriminals constantly adapt to bypass security controls. Staying alert and proactive is your best defense.

Learn more
How to recover a compromised email account

If your email is compromised, fast action is key. Read our guide to safely regain control and protect your data.

Learn more
Avoid making fraudulent transactions in the UK

Confirmation of Payee (CoP) is a UK name-checking service designed ensure that your money is going to the right place.

Learn more
Avoid making fraudulent transactions in the EU/EEA

Verification of Payee (VoP) is an EU/EEA name-checking service designed to ensure that your money is going to the right place.

Learn more
Login and security setup with MFA

Multi-factor Authorisation (MFA) enhances your account security with an extra layer of protection, reducing the risk of unauthorised access, identity theft and data breaches.

Learn more