Member FDICFDIC-Insured - Backed by the full faith and credit of the U.S. Government

Preventing business email compromise

Cyber criminals have elevated their techniques for masking fake emails

To commit wire fraud, scammers must be able to obtain the bank and other account login information of their target. While they can use several methods to do that, business email compromise (BEC), or email phishing, is the most prevalent method.  

Phishers create emails made to appear as if they were sent by a legitimate source, such as a financial institution, a vendor, or someone from within the company. The fake email typically includes some sort of urgent request or call to action, such as an account alert or a payment/information request along with a link.

 When the email recipient clicks on the link, they are sent to a fake website masquerading as a legitimate site. When the victim attempts to log on to the site, the phisher can monitor the logon credentials, so they can be used to log on to the legitimate website. Once on the site, they can drain the funds or use them for purchases.

If you suspect fraudulent activity on your account, Alpine Bank customer service and internet banking support representatives are available to take your call Monday through Friday, 7:30 a.m. to 6:00 p.m., and on Saturdays from 8:45 a.m. to 12:15 p.m., at 800-551-6098.

 Steps to preventing wire transfer fraud

 Be on the lookout for phishing expeditions: Cyber criminals have elevated their techniques for masking fake emails to make requests for funds or information appear valid. Emails must be closely scrutinized for phony email addresses and domain names and salutations that appear personalized. If anything looks even slightly off, flag the email for further examination or deletion.

Be wary of an urgent call to action: Any email that urges a quick response to a request should be carefully inspected. 

Verify all money and information requests: The email account of a colleague or vendor may have been compromised, enabling the phisher to make the email look as if a valid source sent it. All email requests should be verified by contacting the sender using a phone number from the business’s contact list.

Act immediately: If you think a phisher has targeted you, contact your financial institution directly to warn them of the attempt. You should also report it to the FBI Internet Complaint Center, the Federal Trade Commission spam unit, and the Cybersecurity and Infrastructure Security Agency.

About This Author


Ross Bentzler

Ross Bentzler is Executive VP and Information Security Officer for Alpine Bank. Ross has worked in the information technology field for two decades, focusing on information security for 13 years.

More about Ross Bentzler

Allpoint It’s your money after all. Find a surcharge-free ATM