What to do if your business is a victim of BEC fraud

Discover five key steps to reporting a business email compromise scam and ways to prevent a future attack.

If you notice unusual employee behavior, financial discrepancies, strange vendor communications, or anomalies in audits, your business has likely fallen victim to fraud. 

What threats should businesses look out for?

Business email compromise (BEC) is one of the most financially damaging threats. This cybercrime involves a company receiving an email from someone pretending to be a known client or vendor. The message may indicate that the payment details have changed and funds now need to be transferred to a new account, bank, or recipient. 

Because the note usually includes familiar details, such as the logo or name, and a sense of urgency, the victim may deem it legitimate and follow the instructions. After the payment is made, the business may recognize its error and find itself in an alarming situation, with its money gone.

In general, BEC attacks are sophisticated social engineering scams designed to trick people into authorizing a fraudulent payment or sharing sensitive information. BEC attackers regularly use AI to research and create personalized, convincing messages. 

There are a few types of BEC scams, including: 

  • Executive impersonation: Attackers pretend to be a company’s executive
  • Vendor fraud: Scammers pose as legitimate suppliers or vendors
  • Invoice manipulation: Fraudsters send a fake invoice
  • Email account compromise: Cybercriminals take over an employee’s email through phishing or malware and use it to ask for an urgent wire transfer

What is the difference between business email compromise and phishing?

Phishing involves casting a wide net of thousands of emails, with attackers hoping for a few targets to take the bait. BEC, on the other hand, is a sophisticated and targeted process that involves scammers using social engineering and AI to target specific individuals or a business. 

While phishing can be prevented with antivirus software tools and spam filters, BEC scams are more difficult to prevent. They usually don’t contain malicious attachments and come from a trusted contact, so they evade traditional cybersecurity measures.  

What are the red flags that an email requesting a payment change is a BEC scam?

If you notice suspicious details in an email requesting a change in payment methods or amounts, be cautious and investigate further before acting on it. Here are some key red flags to watch out for:

  • Changing the country of the beneficiary’s bank
  • Changing the beneficiary name
  • A reason is provided for the change
  • A lookalike or spoofed email address
  • Incorrect spelling or grammar
  • Invoice change (logo, style, or file size)
  • Urgency — the sender asks for the funds ASAP
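Several of these red flags can be checked mechanically before anyone acts on a payment-change email. The following is an added example, not part of the original article or any Convera tooling; the vendor record, the sample email, the field names, and the 0.85 similarity threshold are constructed assumptions.

```python
import re
from difflib import SequenceMatcher

# Constructed vendor record, as kept on file by accounts payable (hypothetical).
VENDOR_ON_FILE = {
    "email_domain": "acme-supplies.example",
    "beneficiary": "Acme Supplies Ltd",
    "iban": "GB00TEST00000000000001",  # constructed, not a valid IBAN
}

# Constructed payment-change request, as parsed from an incoming email.
SAMPLE_REQUEST = {
    "from": "accounts@acme-suppiies.example",  # "l" swapped for "i"
    "beneficiary": "Acme Holdings Group",
    "iban": "DE00TEST00000000000002",  # constructed, not a valid IBAN
    "body": "Our bank details changed after an audit. Please pay ASAP.",
}

URGENCY = re.compile(r"\b(urgent(ly)?|asap|immediately|right away)\b", re.I)


def sender_domain(address):
    """Return the lower-cased domain part of an email address."""
    return address.rsplit("@", 1)[-1].strip().lower()


def is_lookalike(domain, trusted, threshold=0.85):
    """True if domain differs from the trusted one but is nearly identical."""
    if domain == trusted:
        return False
    return SequenceMatcher(None, domain, trusted).ratio() >= threshold


def red_flags(request, vendor):
    """Compare a payment-change request with the record on file."""
    flags = []
    domain = sender_domain(request["from"])
    if is_lookalike(domain, vendor["email_domain"]):
        flags.append("lookalike sender domain")
    elif domain != vendor["email_domain"]:
        flags.append("sender domain not on file")
    if request["beneficiary"].casefold() != vendor["beneficiary"].casefold():
        flags.append("beneficiary name changed")
    # The first two letters of an IBAN are the bank's country code.
    if request["iban"][:2].upper() != vendor["iban"][:2].upper():
        flags.append("beneficiary bank country changed")
    if URGENCY.search(request["body"]):
        flags.append("urgency")
    return flags
```

An empty result does not clear a request: a message sent from a compromised but genuine vendor mailbox passes the domain check, so any change of bank details still needs confirmation by phone using the number on file.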

What should I do immediately if my business has been a victim of a BEC scam?

Realizing that your business has become a victim and that funds have been sent to a fraudster can be distressing. In fact, the true number of instances is unknown, as many BEC crimes are unreported. Yet, it’s important to notify the right parties so action can be taken.

Clients of Convera can engage our compliance team for assistance in reporting these suspected crimes and attempting to recover stolen funds.

Here are five steps to consider taking if you determine that funds have been sent to a fraudster: 

  1. Immediately contact your business’s accounting department, your financial institutions, and your Convera representative, and file a report.
  2. Keep records of ALL contact made with the fraudster (e.g., electronic copies of the emails). If sensitive data was breached, notify affected parties and regulatory bodies.
  3. Report the incident to your local law enforcement. If contact was made via email, report it to the FBI’s Internet Crime Complaint Center (IC3). 
  4. If there’s an indication that the email account has been compromised, work with your internal and external IT and cybersecurity teams on a forensic investigation.
  5. Freeze affected bank accounts, secure compromised systems, and do not make any further payments to the beneficiary until the security issue is resolved.

Is it possible to recover money lost to a fraudulent wire transfer?

Yes, this is possible, but action must be taken within the first 24 hours. 

Recently, Convera recovered $4.7 million for a client whose customer had lost money from an email scam. It’s important to contact your Convera (and bank) representative as soon as you can, with all relevant information and documentation. 

However, recovery is not guaranteed, and it is better to work towards prevention.

How can my business prevent business email compromise attacks?

An effective BEC prevention strategy relies on combining technical controls, such as advanced threat protection, with secure business processes. 

Here are three key steps to take:

  1. Keep a list of your vendors and suppliers with emails, phone numbers, and addresses for reference
  2. Never take a significant financial action from an email instruction alone
  3. Always call your contact to verbally confirm any change

Even more importantly, ensure your employees understand what BEC attacks are and how to spot one, and continuously train them. 

If you are a Convera customer and believe you have been the victim of fraud through Convera, you should reach out to your account manager as soon as possible. Read more about fraud awareness and Convera.