Business email compromise

Tips to identify it, and how to protect yourself

Business email compromise (BEC), also known as email account compromise (EAC), is one of the most financially damaging online crimes. It exploits the fact that so many of us rely on email to conduct both our personal and professional business.

In a BEC scam, criminals send an email message that appears to come from a known source, with a legitimate request. Here are two examples:

  • A vendor your company regularly deals with sends an invoice or wire with an updated destination or account.
  • A homebuyer receives a message from his title company with instructions on how to wire his down payment.

Versions of these scenarios happened to real victims. All the messages were fake. And in each case, thousands — or even hundreds of thousands of dollars, were sent to criminals instead.

How to protect yourself

  • Set up two-factor (or multi-factor) authentication on any account that allows it, and never disable it.
  • Verify all changes to payment information outside the email thread. If you receive an email asking for a change, call the person back on a known, good phone number for verification.
  • Carefully examine the email address, URL and spelling used in any correspondence. Scammers use slight differences to trick your eye and gain your trust.
  • Don’t click on anything in an unsolicited email or text message asking you to update or verify account information. Look up the company’s phone number on your own (don’t use the one a potential scammer is providing) and call the company to ask if the request is legitimate.
  • Be careful what you download. Never open an email attachment from someone you don’t know and be wary of email attachments forwarded to you.
  • Verify payment and purchase requests in person if possible or by calling the person to make sure it’s legitimate. You should verify any change in account number or payment procedures with the person making the request.
  • Be especially wary if the requestor is pressing you to act quickly.

About This Author

avatar

Ross Bentzler

Ross Bentzler is Executive VP and Information Security Officer for Alpine Bank. Ross has worked in the information technology field for two decades, focusing on information security for 13 years.

More about Ross Bentzler

LinkedIn

Related Products

Liberty Checking

Get all the checking essentials, including digital services. On top of that, waive the statement fees by going paperless.

Learn More about Liberty Checking

Loyalty Visa® Debit Card

Give back to your chosen cause. Whether it's the arts, education, environment or beyond, small change makes a big difference.

Learn More about Loyalty Visa® Debit Card

Green Lending

Various consumer and business loan programs to help our customers make energy and resource improvements to their lives.

Learn More about Green Lending
Allpoint It’s your money after all. Find a surcharge-free ATM
FIND A SURCHARGE-FREE ATM!
AllPoint