How to Protect Yourself from Business Email Compromise
Business Email Compromise (BEC) scams continue to increase worldwide, targeting companies of all sizes and revenue.Even companies like Facebook, Google, and Toyota have been targeted, so now is the time to ensure your business is taking protective measures.
What is Business Email Compromise?Business Email Compromise is a type of phishing scam in which fraudsters try to hack, spoof or impersonate business email addresses. They may change one letter or number in a familiar email address to make their scam appear legitimate.
Example: [email protected] – [email protected]
Scammers may send emails to employees in an attempt to gain credentials or convince someone to send a fraudulent wire. They may also send an email that appears to be from a known third party such as a vendor.
Scammers have also been known to send an email to customers, posing as the legitimate business, in an attempt to obtain their payment information or other sensitive information.
How do I recognize a Business Email Compromise scam?BEC scams are often difficult to spot, but there are a few red flags to be on the lookout for. Common signs of BEC messages include:
- The message is brief, urgent, and presses you to bypass normal policies and procedures;
- The request appears to from an executive, vendor or other partner that is outside of the norm;
- A request for sensitive employee, payroll or company information;
- Emails have misspelled words or poor grammar;
- Unexpected attachments sent by email;
- Emails sent after business hours or on weekends, holidays, or other nonstandard business days.
Carefully check the email address of the sender to ensure it’s legitimate. Since they can be just one character off, spoofed email addresses can be easy to miss.
How to protect against Business Email Compromise
As with any type of fraud, verifying information before sharing sensitive information or sending payments is a key step. Pay close attention to all emails to ensure they are from a known source.
When in doubt, do not click links within an email or open attachments.
If you receive new payment instructions from someone you submit payment to on a regular basis, confirm the new instructions with that individual or company in person or over the phone using contact information you’ve previously used.
As a reminder, please contact our Treasury Management Support team at [email protected] or (877) 840-8588 should you ever have concerns about the safety of your account(s).