Business Email Safety

Business Email Compromise (BEC)

What is Business Email Compromise?

At its core, BEC relies on the oldest trick used by con-artists: deception. However, the level of sophistication used in this global form of fraud is unprecedented and continues to trick professional business people every day. BEC can take several different forms. In many cases, the scammers target employees with access to company finances and trick them into paying invoices or making payments to accounts they believe belong to trusted partners. In this case, the money then ends up in an account controlled by the criminals. 

Common Schemes

  • Spoofing email accounts and websites: These scams use slight, almost undetectable, variations on legitimate email or web addresses ( vs
  • Spear-phishing: emails that appear to come from trusted senders, sent in an attempt to obtain confidential information
  • Malware: Used to gain access to company networks and reach into legitimate email threads about billing, invoices, or other finances. Malware can also be used to access a victim's data, including passwords and financial account information
  • Social media information: Fraudsters can gain information about employee job roles and duties via social media. When an employee posts on social media that they will be out of the office, this can give criminals the information they need to spoof that employee's accounts. These schemes usually consist of an email sent in the name of the compromised employee, from a different email address, claiming they cannot access their work email from their current location.

Oftentimes, these fraudulent requests are made with increased urgency. If you feel you are being rushed into making a transfer, completing a wire, or providing other forms of payment, take extra caution. When in doubt, call the person making the request and make sure it is legitimate.

How Can You Prevent BEC?

  • Avoid free web-based email accounts. Establish a company domain name and use it to establish company email accounts
  • Be careful with what is posted to social media, especially details about job duties, hierarchical information, or out-of-office notifications
  • Look out for common red-flags:
    • Unexplained urgency
    • Last-minute changes in established communication platforms or email account addresses
    • Any communications solely through email with a refusal to speak via telephone or video platforms
    • Requests for advance payments when never previously requested
    • Requests from employees to change direct deposit information
    • Last minute changes in wiring instructions or account information
  • Verify changes and information via the contact on file, not the phone number provided in the email
  • Ensure the URL is associated with the company it claims to be from
  • Be alert to hyperlinks that contain misspellings 
  • Consider using the forward option rather than reply. When answering an email, "forward" the email and type in the correct email address to make sure the intended recipient is correct
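
The "spoofing email accounts and websites" scheme above and the URL and hyperlink checks in this list both come down to the same question: is this address a near-miss of a domain we trust? The following script is an added illustration of that check, not code from the original article, First Financial Bank or the FBI. The trusted-domain list, the confusable-character table and the sample From: headers are all constructed for the example; a real deployment would load the trusted list from the company's own records.

```python
"""Flag From: addresses whose domain is a near-miss of a trusted domain.

Added example for the lookalike-address scheme and the URL checks above;
it is not part of the original article. All domains below are constructed.
"""
from email.utils import parseaddr

# Constructed: domains this hypothetical company treats as legitimate.
TRUSTED_DOMAINS = {"example.com", "partner-bank.example"}

# Character swaps that make one domain look like another, written as
# (lookalike spelling, legitimate spelling). Constructed, not exhaustive.
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("3", "e")]


def normalize(domain: str) -> str:
    """Lowercase and undo confusable swaps, so 'exarnple.com' and
    'examp1e.com' both collapse to 'example.com'."""
    d = domain.lower().strip()
    for fake, real in CONFUSABLES:
        d = d.replace(fake, real)
    return d


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: single-character edits needed to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def sender_domain(address: str) -> str:
    """Pull the domain out of a 'Display Name <user@domain>' header value."""
    _, addr = parseaddr(address)
    return addr.rsplit("@", 1)[-1].lower() if "@" in addr else ""


def classify(address: str, trusted=TRUSTED_DOMAINS) -> str:
    """Return 'trusted', 'lookalike' or 'unknown' for one From: address."""
    domain = sender_domain(address)
    if not domain:
        return "unknown"
    if domain in trusted:
        return "trusted"
    norm = normalize(domain)
    for good in trusted:
        good_norm = normalize(good)
        # Confusable swap (exarnple.com) or a one-character typo
        # (examplee.com) both count as a lookalike of the trusted domain.
        if norm == good_norm or edit_distance(norm, good_norm) <= 1:
            return "lookalike"
        # Trusted name used as a subdomain or embedded in another domain
        # (example.com.secure-mail.test, example-com.test).
        if good in domain or good.replace(".", "-") in domain:
            return "lookalike"
    return "unknown"


# Constructed sample headers, mixing legitimate and lookalike senders.
SAMPLE_SENDERS = [
    "Accounts Payable <ap@example.com>",
    "Accounts Payable <ap@exarnple.com>",
    "CFO <cfo@examp1e.com>",
    "Vendor <billing@example.com.secure-mail.test>",
    "Vendor <billing@partner-bank.example>",
    "Friend <me@unrelated.test>",
]


def review(senders=SAMPLE_SENDERS) -> dict:
    """Classify every sample sender; returns {header value: verdict}."""
    return {s: classify(s) for s in senders}


if __name__ == "__main__":
    for sender, verdict in review().items():
        print(f"{verdict:10} {sender}")
```

A "lookalike" verdict is a prompt to do what the article already says: stop and verify by phone using the contact on file. The confusable table deliberately maps digits to letters, so a legitimate domain that really contains a "1" or "0" should be placed in the trusted list so it is matched exactly before normalization runs.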

Information for this article provided by First Financial Bank and the FBI.