What Is Business Email Compromise (BEC) Fraud?

Business

July 25, 2023

A hook fishing a letter and paper out of a laptop

If you’re a business executive or anyone who handles money or credit accounts at your place of business, learning about business email compromise (BEC) fraud can help protect your company from a major financial loss. Here’s everything you need to know about BEC fraud and how to protect your assets.

Business Email Compromise Fraud Explained

BEC is a type of phishing attack where scammers try to trick executives or other employees into transferring funds or revealing sensitive company information. Like other forms of phishing, BEC fraud pretends to be from a legitimate source.
BEC fraud could come through email, text messages, or phone calls. These scams often appear to come from a source you know, like a vendor you work with, and they appear to make a legitimate request.

Common Targets for Business Email Compromise Fraud

Any employee could be a target of BEC fraud, but executives or employees who have access to company funds or confidential data are especially likely to be targeted.
Businesses, governments, nonprofits, and schools are all common targets. People in leadership positions are also susceptible because there is often information available about them in public spaces like the company’s website or local publications.

Examples of Business Email Compromise Fraud

Since BEC is all about tricking you into thinking that a request is legitimate, it can come in many forms.

Here are some specific examples:

A vendor you work with sends a fake invoice
The CEO of your company asks you to make a sudden purchase, like gift cards for all employees
A scammer steals information from HR to better impersonate executives or employees

In any of these scenarios, the scammer will try to get you to take immediate action, whether it’s sending confidential information or making some sort of payment. That sense of urgency is their way of pushing you toward acting before you realize that the request is actually a scam.

Red Flags for Business Email Compromise Fraud

Since BEC is designed to fool you into thinking it’s a legitimate communication, you really want to make sure that you stop and think about every request you receive before acting on it.

Possible red flags for BEC include:

Non-personalized greetings like “Sir” or “Customer”
Odd grammar like missing punctuation
Spelling mistakes
Slight variations on legitimate addresses (joe.avery@company.com vs. joe.averry@company.com)
Requests that come from unusual channels or ask you not to tell others about the request

Always stop and think before taking any action. If something feels odd, like a CEO asking for employee W-2 forms that they normally wouldn’t handle themselves, that is a red flag that it may be fraud.

How to Protect Yourself from Business Email Compromise Fraud

The best thing you can do to protect yourself from fraud is to always stop and think before you click or act. If there are any red flags or even if something just feels potentially off, do not follow-through with the requested action.

Other tips to help stay safe include:

Do not overshare online or on social media, because some of this information can give a scammer the information they need to guess your password or answer your security questions
Don’t click on anything or open attachments from unsolicited emails or texts
When in doubt, hang up the call, ignore the text, or close the email and reach out to the company/person directly using their public contact information
Scrutinize the email address, URL, and spelling used in any correspondence to make sure it’s correct
Set up two-factor or multi-factor authentication whenever it’s available
Verify payments, purchase requests, account changes or any similar information in-person if possible or by calling the person directly
Be extra careful if the requestor is pressing you to act immediately

From fostering a supportive and inclusive work environment to the many opportunities for growth and development, Suncoast Credit Union strives to be an inspiring and healthy place to work. Plus, we’re always looking for new talent to add to our growing team! If you liked what you read here, consider this your official invitation to browse our careers site and apply to any positions that suit your interests and experience level. You can also view available positions on our LinkedIn page. It’s that simple!

Blog Articles For You

Get inspired, informed and empowered with these personalized articles just for you.

Business

What’s Needed for a Business Loan?

Before you apply for a business loan, learn about the eligibility requirements and what is needed to qualify for a small business loan.

Illustrated car comparing insurance coverage to gap coverage

Safety and Protection

What Is GAP and What Does it Cover?

If you’re making car payments, Guaranteed Asset Protection (GAP) is a type of coverage that can save you a ton of money if your car is lost or totaled. Let’s explore what GAP is and what it covers.