Call Us

How to Identify a Business Email Compromise Scam

Posted on

Cyberattacks and phishing schemes like Business Email Compromise (BEC) are becoming more common than ever. These happen when a cybercriminal attempts to impersonate an executive or someone within a company to get access to data and money. Though these may sound simple enough to avoid and recognize, BEC is increasing and becoming more sophisticated and difficult to detect with each passing year. That’s why learning how to identify a business email compromise scam and having adequate cybersecurity is so important in this day and age. To know what to watch out for, read on.

Did You Receive an Email Urgently Requesting Funds?

Many BEC scams tend to have common subject headings, and one of the most frequently used ones is an Urgent Request for Funds Transfer. This may appear as though an executive or someone with a senior position in your company is requesting to have an invoice processed. Or they might be ordering an employee to change the recipient name on a scheduled payment. 

Here are some common examples of what the email subject might look like:

Wire Transfer Request

Payment – Important

Bank Transfer Enquiry

Urgent Request

Fund Payment Reminder

What are the Sender’s Details?

Always look at the domain and details of the sender. With a quick glance, it might appear to be the same domain as your company, but it’s important to look carefully. Fraudsters often use a domain that is almost identical but has slight variations with the spelling or end tail of the domain address. For example, name@business.com.au.net.

Sometimes the email will come from a personalized address, either from Hotmail or Gmail. So keep an eye out for this as well.

Does the Email Have a Very Brief Message

When it comes to phishing scams, the emails are usually very brief and right to the point. They will urge you to bypass normal procedures and perform their request right away.

Was the Email Sent from a Mobile Device 

Another common warning sign is if the email appears to have come from a mobile device. This is usually indicated at the bottom of the email. Also, if the sender says they are travelling or in transit, take it as a red flag.

What to do When Faced with a BEC

Here are some things you should do when face with a BEC:

  • Check and verify directly in person or over the phone with any senders making requests to send money
  • Carefully look at the email address and details of each sender
  • Have your staff thoroughly trained to recognize and deal with BEC threats

If your business has been the target of a BEC, The Smith Investigation Agency can help ensure your business is protected from fraud. Contact us today to learn more.