FRAUD PREVENTION
Business Email Compromise
Learn how you can help safeguard your business from fraudulent emails that can trick employees into sending money or sharing company information.
How are you safeguarding your business against malicious emails?
Being knowledgeable about security is the best deterrent against fraud. Consider these tips on identifying and avoiding complex email scams targeting businesses today.
Five types of Business Email Compromise to watch out for:
- CEO Impersonation: A fraudster impersonates a CEO, CFO, or another executive of a company by creating a fake email address that often looks legitimate or by hacking a real user’s account. Using this email address, they ask an employee to transfer funds to a bank account controlled by the fraudster.
- Account Compromise: An employee of a company has their email address compromised. The account is then used to request, initiate, or authorize the transfer of funds to a bank account controlled by the fraudster.
- False Invoice Scheme: A fraudster pretends to be a supplier by compromising the supplier’s email system or sending a spoofed email on behalf of a supplier. They use the account to request fraudulent payments or change payment instructions.
- Attorney Impersonation: A fraudster claims to be an attorney and issues a fraudulent request warning of the consequences of noncompliance, including the prospect of litigation. Employees at lower levels are commonly targeted with this scheme.
- W-2 Form and Other Data Theft: A fraudster targets a company’s HR department to obtain an employee’s W-2 tax form or other personally identifiable information, which can then be leveraged in a future attack. Executives are frequently targeted in this type of scheme.
Although these are commonly used schemes, fraudsters use many tactics. This is not an exhaustive list of all BEC scams one might encounter.
How to identify Business Email Compromise
Spotting BEC scams before losses are incurred can be as simple as knowing what to look for. Malicious emails often contain strange phrases, syntax, fonts, or date formats, or misspellings in the domain or name of the purported sender. The FBI outlined a few indicators that should draw suspicion:
- Unexplained urgency.
- Last-minute changes in payment instructions or recipient account information.
- Last-minute changes in established communication platforms or email account addresses.
- Communications only in email and refusal to communicate via telephone or online voice or video platforms.
- Requests for advance payment of services when not previously required.
- Requests from employees to change direct deposit information.
- Strange requests to do something outside of the approved policy or procedure.
Best Practices to Consider
Help combat email compromise scams by becoming familiar with the various tactics and taking precautions before and after you receive payment requests.
Create company policies:
- Contact the sender to verify they sent the email
- Validate payment instructions with the details you have on file
- Implement multiple approvals for large remittance amounts
- Establish approval protocols when executives initiate a transaction
- Set checks and balances
Ensure employees understand how to decipher fraudulent emails and URLs.
- Do all the details in the email match what you have on file?
Supply employees with instructions if they suspect or experience fraud.
- It’s important to act quickly. If your business is targeted, remember to alert your IT department and Amegy Bank immediately, and file a complaint with the FBI Internet Crime Complaint Center (IC3).
Integrate prevention strategies with a combination of technical and non-technical security controls.
- Build in system controls within the IT portion of your business to map existing workflows for ACH and wire payments. Identify weaknesses that could expose you to risk.
Before your business receives a payment request:
- Implement a dual approval requirement and limit the number of people who have authority to send money.
- Establish intrusion detection rules that flag emails from addresses with domain names similar to the company’s domain name and where the reply address is different from the email address shown.
- Utilize callback thresholds for monetary transactions.
- Avoid sharing confidential information before confirming you are communicating with a trusted source.
- Work with vendors on a secure process to receive and verify payment instructions.
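The detection rule described above (lookalike sender domains, and a Reply-To that differs from the visible From address) as an added, runnable illustration; this is example code, not the bank's own tooling. It assumes a placeholder company domain and uses constructed sample messages.

```python
import email
from email import policy
from email.utils import parseaddr

# Assumption: the protected company's own domain (constructed placeholder).
COMPANY_DOMAIN = "example-company.com"

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: number of single-character edits turning a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def address_and_domain(header_value: str) -> tuple[str, str]:
    """Return (normalised address, domain) parsed from a From/Reply-To header."""
    addr = parseaddr(str(header_value))[1].lower()
    return addr, (addr.rsplit("@", 1)[1] if "@" in addr else "")

def is_lookalike(domain: str, company: str = COMPANY_DOMAIN, max_edits: int = 2) -> bool:
    """Almost, but not exactly, the company domain (e.g. 'rn' swapped in for 'm')."""
    return bool(domain) and domain != company and edit_distance(domain, company) <= max_edits

def bec_flags(raw_message: str) -> list[str]:
    """Return the indicators the page's detection rule raises for one raw email."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    from_addr, from_domain = address_and_domain(msg.get("From", ""))
    flags = []
    if is_lookalike(from_domain):
        flags.append("lookalike-domain")
    reply_to = msg.get("Reply-To")
    if reply_to is not None:
        reply_addr, _ = address_and_domain(reply_to)
        if reply_addr != from_addr:
            flags.append("reply-to-mismatch")
    return flags

# Constructed sample messages (not real traffic), one per rule plus a clean one.
SPOOFED = "From: CFO <cfo@example-cornpany.com>\nTo: ap@example-company.com\nSubject: Urgent wire\n\nPlease wire today.\n"
REDIRECTED = "From: CEO <ceo@example-company.com>\nReply-To: ceo.office@webmail-sample.invalid\nSubject: Invoice\n\nReply here.\n"
LEGIT = "From: Alice <alice@example-company.com>\nTo: bob@example-company.com\nSubject: Lunch\n\nNoon?\n"

if __name__ == "__main__":
    for name, raw in (("spoofed", SPOOFED), ("redirected", REDIRECTED), ("legit", LEGIT)):
        print(name, bec_flags(raw))
```

Note that a genuinely compromised internal account (the Account Compromise scheme above) produces neither flag, which is why the callback and dual-approval controls on this page still apply.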
After your business receives a payment request:
- Perform a callback to a known client number (not the number in the request).
- Carefully review all email requests, especially if they provide new payment instructions.
- Avoid replying to suspicious emails.
- Avoid clicking on links or opening attachments if you do not recognize the sender.
- Exercise additional scrutiny and verify changes with a secondary sign-off if changes are made to a payment request.