Business email compromise
Business email compromise refers to the act of cybercriminals gaining access to a business email account and masquerading as the account owner to help their fraudulent emails appear legitimate. One of the most common tactics is fraudulent wire transfers. Cybercriminals send emails to employees who can access a company’s funds and request transactions like wire transfers or ACHs. In other instances, a cybercriminal might contact a worker who has access to employee information, such as a payroll or human resources associate, hoping to gain personal data to perpetuate identity theft.
Several red flags can help indicate business email compromise – most are similar to those seen in phishing. The biggest indication of business email compromise occurs when an email is received from an executive or business leader that demands payment or sensitive documents be urgently processed and sent. Often, the messages claim that the sender is traveling to explain why their message is brief and the email signature different than usual.
Example of business email compromise
- Do not act on a request to send payments or provide sensitive documents without verifying authenticity.
- Do not reply to the email or call a number listed in the email as the fraudster likely has control of the email and will personally reply to your inquiry.
- Do not click on attachments or links included in the email as this could install malware on your system to cause further damage.
- Carefully examine the email’s address and contents as there will likely be signs of its illegitimacy, such as a strange greeting, typos, odd wording and an unusual signature.