Business Email Compromise (BEC) Scams
Business Email Compromise (BEC) scams involve fraudsters impersonating company executives or trusted business contacts to trick employees into transferring money or sensitive information. These highly sophisticated scams often target companies with the intent to steal large sums of money or sensitive data.
What Are BEC Scams?
Business Email Compromise (BEC) scams are a type of cybercrime where attackers use email fraud to deceive employees of a company into making unauthorized transfers of funds or disclosing confidential information. These scams are typically carried out by hacking into or spoofing legitimate business email accounts to impersonate executives, vendors, or business partners. The attackers use these compromised accounts to send fraudulent instructions to employees in finance or HR departments, leading to significant financial losses and data breaches.
How BEC Scams Work
BEC scams can take various forms, each designed to exploit the victim’s trust and organizational protocols. Here are some common methods:
- CEO Fraud: Scammers impersonate a high-ranking executive, such as the CEO or CFO, and send emails to employees in finance, instructing them to transfer money to a fraudulent account. The emails often convey urgency and confidentiality to prevent the employee from verifying the request.
- Account Compromise: Attackers hack into a company executive’s or employee’s email account and use it to request invoice payments to fraudulent accounts. The victim believes the request is legitimate because it comes from a known email address.
- Fake Invoices: Scammers create fake invoices that appear to be from trusted vendors or business partners and send them to the company’s accounting department for payment. The invoice often includes altered payment details directing funds to the scammer’s account.
- Attorney Impersonation: Scammers impersonate a lawyer or legal representative and send emails to employees, usually during a time-sensitive and confidential matter, to trick them into making urgent payments.
Recognizing BEC Scams
To protect yourself from BEC scams, it’s essential to recognize the warning signs:
- Unusual Requests: Be cautious of unexpected or unusual requests for money transfers, especially those that are urgent or confidential.
- Changes in Communication Style: Noticeable changes in the tone or style of emails from executives or business partners can be a red flag.
- Email Address Discrepancies: Check for slight variations in email addresses that mimic legitimate ones (e.g., john.doe@company.com vs. john.doe@cornpany.com, where the letters "rn" are meant to pass for "m"). Look-alike domains can also be a one-letter typo of the real name or the real name used as a prefix of an unrelated domain.
- Verification Avoidance: Be wary of emails that discourage verification or insist that standard procedures be bypassed, often citing confidentiality or "security" as the reason.
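As an added example (not part of the original article), a small Python check for the email-address discrepancies described above. It assumes a constructed allowlist of trusted domains and flags sender domains that differ from a trusted one only by look-alike characters, a typo or two, or the trusted name used as a decoy prefix.

```python
import re

# Constructed allowlist: domains the organisation actually exchanges mail with.
TRUSTED_DOMAINS = {"company.com", "vendor-supplies.com"}

# Character sequences that look alike in common fonts, mapped to one canonical form
# so that "cornpany" and "company" compare equal after normalisation.
HOMOGLYPHS = [("rn", "m"), ("vv", "w"), ("cl", "d"), ("0", "o"), ("1", "l"), ("|", "l")]

# Maximum number of single-character edits still treated as a look-alike.
MAX_DISTANCE = 2


def normalize(domain: str) -> str:
    """Lower-case the domain and collapse look-alike sequences to one form."""
    d = domain.lower()
    for src, dst in HOMOGLYPHS:
        d = d.replace(src, dst)
    return d


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: minimum insert/delete/substitute steps from a to b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def extract_address(header: str) -> str:
    """Pull the bare address out of a From: value such as 'John Doe <john@x.com>'."""
    m = re.search(r"<([^>]+)>", header)
    return (m.group(1) if m else header).strip()


def classify_sender(header: str) -> str:
    """Return 'trusted', 'lookalike' or 'external' for a From: header value."""
    domain = extract_address(header).rsplit("@", 1)[-1].lower()
    # Exact match, or a subdomain that sits under the trusted owner's DNS.
    if domain in TRUSTED_DOMAINS or any(domain.endswith("." + t) for t in TRUSTED_DOMAINS):
        return "trusted"
    norm = normalize(domain)
    for trusted in TRUSTED_DOMAINS:
        if (domain.startswith(trusted + ".")              # trusted name as a decoy prefix
                or norm == normalize(trusted)              # look-alike characters swapped in
                or edit_distance(domain, trusted) <= MAX_DISTANCE):  # one or two typos
            return "lookalike"
    return "external"
```

A "lookalike" verdict is a prompt to verify the request out of band, not proof of fraud; very short trusted domains will produce more false positives at a distance of 2, so tune MAX_DISTANCE per domain if needed.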
Protecting Yourself from BEC Scams
Protecting yourself from BEC scams requires vigilance, robust security protocols, and employee training. Here are some key steps to take:
- Implement Multi-Factor Authentication (MFA): Use MFA to secure email accounts and sensitive systems to prevent unauthorized access.
- Verify Requests: Establish procedures for verifying payment and data requests, such as confirming through a secondary communication method (e.g., a phone call to a number already on file, not one supplied in the email).
- Educate Employees: Conduct regular training sessions on recognizing and responding to BEC scams, emphasizing the importance of skepticism and verification.
- Monitor Financial Transactions: Regularly review and monitor financial transactions for any suspicious or unauthorized activity.
What to Do If You Suspect a BEC Scam
If you suspect that you have encountered a BEC scam, it’s crucial to act quickly to protect your information and report the scam. Here’s what you should do:
- Stop Communication: Cease all communication with the suspected scammer immediately.
- Verify and Report: Verify the legitimacy of the request with the purported sender using a known and trusted contact method, and report the incident to your company’s IT and security teams.
- Notify Authorities: Report the scam to the Federal Bureau of Investigation’s (FBI) Internet Crime Complaint Center (IC3) and other relevant authorities.
- Secure Accounts: Change passwords and implement additional security measures to protect compromised accounts.
Business Email Compromise (BEC) scams are a significant threat to organizations, exploiting trust and procedural vulnerabilities to steal money and sensitive information. By understanding how these scams work and recognizing the warning signs, you can protect your organization from falling victim. Implement strong security protocols, educate employees, and always verify suspicious requests. If you suspect a BEC scam, take immediate action to secure accounts and report the incident to authorities.