top of page

How to Report Business Identity Fraud

If someone is using your company’s name, details, or branding to commit fraud, you’re dealing with business identity theft — and it needs to be reported quickly and correctly.


Whether it’s fake invoices, phishing emails sent in your name, or fraudulent loans using your company registration, the longer it goes unchecked, the greater the risk to your finances and reputation.

This guide outlines where and how to report business identity fraud — and what to do to protect your business in the aftermath.



 


Step 1: Confirm the Signs of Identity Fraud


Before reporting, gather evidence of what’s happened. Common signs of business identity misuse include:

  • Fake emails or invoices sent using your company’s name

  • Suspicious credit applications in your company name

  • Unauthorised changes to Companies House records

  • Clients or suppliers reporting contact from imposters

  • Your business appearing in fraud warnings or scam alerts


Save copies of any phishing emails, letters, altered documents, or URLs being used — these will be important when reporting.



 


Step 2: Report the Fraud to Action Fraud (UK)


If you’re in the UK, your first port of call is Action Fraud, the national reporting centre for cybercrime and fraud.

You can report:

  • Online, using their business fraud reporting tool

  • Or by phone on 0300 123 2040 (available Mon–Fri)


You’ll receive a crime reference number, which you can use to update banks, regulators, and insurers.

If you're outside the UK, check your local cybercrime reporting authority — or speak to your legal/compliance advisor.


 


Step 3: Notify Companies House (If Records Were Changed)


If your company registration details were altered without your knowledge (e.g. address, directors, contact info), you should:

  • Contact Companies House immediately

  • Ask to restore the correct details

  • Request that the fraudulent changes are flagged and locked

  • Consider enabling the "PROOF" scheme to prevent unauthorised future filings


This helps stop fraudsters from misusing your legal identity.



 


Step 4: Inform Your Bank and Financial Providers


If your business bank account, credit facilities, or supplier credit terms may have been used or targeted:

  • Notify your bank’s fraud team immediately

  • Ask them to monitor or freeze suspicious activity

  • Check for any new accounts, loans, or transactions opened in your company’s name


They may also request the Action Fraud case number.



 


Step 5: Warn Clients, Partners, and Suppliers


If customers or contacts may have received phishing emails or fake invoices claiming to be from your business:

  • Let them know proactively and clearly

  • Share what’s legitimate (e.g. domain names, contact info) and what isn’t

  • Ask them to report any suspicious activity

  • Provide a trusted contact point for clarification

Clear communication helps contain reputational damage and shows you're taking control.


 


Step 6: Check for Wider Compromise


Business identity fraud is sometimes part of a larger cyber attack. It's important to check:

  • Has your email system been compromised?

  • Are staff credentials exposed online?

  • Has any data been leaked to the dark web?

  • Are threat actors using your branding in phishing or ransomware campaigns?


STORM Guidance can help investigate potential exposure and advise on recovery.


You may also want to review the types of cyber incidents your business could face — and how to prepare.



 


Step 7: Protect Yourself from Future Misuse


Once the immediate fraud is reported, take steps to reduce the risk of future attacks:

  • Enable multi-factor authentication (MFA) across all systems

  • Secure your email domain with SPF, DKIM and DMARC

  • Register similar/spoofable domains to avoid impersonation

  • Lock down Companies House filings

  • Review access to sensitive client data


Need help reviewing or responding? Our team of experts is available 24/7 for emergency cyber incident response.



 


How STORM Guidance Can Help


✔ Investigation into company impersonation and identity fraud

✔ Digital footprint scans and dark web monitoring

✔ Regulatory reporting and legal guidance

✔ Customer communications support

✔ Security reviews to prevent repeat incidents



 


Don’t Let Business Identity Fraud Spiral


The earlier you act, the more you can control.

Business identity fraud is serious — but with the right reporting and response, your company can recover quickly and confidently.

STORM Guidance is here to help you act fast, reduce impact, and prevent it from happening again.



Recent Posts

See All

We respond to any cyber or fraud incident, globally

At STORM Guidance, we provide industry-leading expertise in ransomware response, cyber defence, and security resilience.

Whether you need urgent assistance or want to bolster your defences, our experts are here to help.

Contact the CyberCare team

If you would prefer to speak to the team, give us a call:

UK/Europe: +44-203-693-7480

Africa: +230-434-1277

USA: +1-703-232-9015

Your contact details will only be used in connection with this enquiry. Please read our Privacy Policy.

bottom of page