Business Email Compromise

What is Business Email Compromise?

More frequently, businesses are experiencing cyber-crime and fraud related activity. One scheme targeting businesses is a high-tech scam known as Business Email Compromise (BEC). The fraud occurs when fraudsters send fake emails imitating legitimate emails and trick unsuspecting persons into sending fraudulent wire transfers.

A Real-Life Scenario

While the CEO for a U.S. company was out of the country, the company accountant received an email from the CEO with instructions to complete a time-sensitive wire transfer. The instructions included the CEO's signature and company seal, so the accountant completed the wire transfer as instructed.

On a phone call the next day, the accountant reported the wire transfer had been completed on time. The CEO said he had never authorized the transfer.  The business had been defrauded through BEC.

What were the warning signs that could have prevented this from happening?  In hindsight, the accountant noticed the CEO's email address was incorrect, appearing as ".co" instead of ".com". After taking an even closer look, it was clear the signature was forged and the company seal was copied from the company website. Confidential information such as executive names, titles, corporate email addresses were also online, giving the fraudsters the data needed to carry out the scam.

A Growing Trend

According to the Federal Bureau of Investigations' Internet Crime Complaint Center (IC3), from June-December 2016, BEC fraud losses amounted to $448 million globally, with scams occurring  in all 50 states and 131 countries. (eWeek, Business Email Compromise Scams Continue to Grow…,Sean M. Kerner May 8, 2017)

Avoid Becoming a Victim

It's important that businesses take precautions to prevent becoming a victim of BEC. We recommend businesses speak with a banking officer and follow these tips offered by the IC3.

  • Evaluate security and approval procedures for emails containing instructions for financial payments; consider implementation of a two-step approval or verification process.
  • Verify any changes to a vendor's payment location.
  • Be cautious of using free, web-based email accounts that are more susceptible to being hacked.
  • Use caution when posting financial and personal information to company websites and social media.
  • Validate all requests that need urgent action, request secrecy or require significant changes.
  • Create intrusion detection system rules that flag emails with extensions similar to, but different from the real extension, i.e. ".co" instead of ".com".
  • Consider registering additional Internet domains that are slightly different from the official company domain.
  • Become familiar with your customers' habits, levels of transaction activity and payment amounts.

Victims of BEC

If you find that your business email has been compromised or has become a victim of BEC, visit the IC3 website at https://www.ic3.gov/  for tips and to file a report. We also encourage you to speak with your local Rabobank representative to understand what security measures and policies exist to support your business and help protect you against fraudulent activity. Services such as Positive Pay help our customers monitor their financial transactions to self-identify and detect fraud before it occurs.

Did you find the information on this page helpful?