• Products and Solutions
    • I.T. Support
    Partek 360 Managed I.T. Services
    Help Desk
    Projects and Consulting
    • Infrastructure
    Servers & Networking
    Business Continuity
    Business VOIP Solutions
    Wifi
    Managed Print Solutions
    • Cyber Security
    Ransomware Protection
    Managed Threat Response
    Email Security
    Endpoint Backup & Disaster Recovery
    • Cloud Solutions
    Microsoft 365
    SharePoint
    Private and Managed Cloud
    • Web
    Website Development
    Website Management
    Hosting and Security
    Email Marketing
  • Company
    We’re always up for a chat!
    Get in Touch
    • About us
    Meet the Team
    Careers
    Contact Us
    • Stories
    • Case Studies
    • Client Success Stories
    • Website Portfolio
    • Blog
    Latest Articles

    Topics

    • Cloud
    • Cyber Security
    • Email
    • Information Technology
    • Website Design
    • Wifi
    • Recent News
    Partek has achieved Sophos Gold Partner status! 🌟
    30Mar

    Partek has achieved Sophos Gold Partner status! 🌟

    What is Phishing?
    09Feb

    What is Phishing?

  • Contact
Support

What is Business Email Compromise (BEC)?

  • Home
  • Archive
  • Cyber Security
  • What is Business Email Compromise (BEC)?
Partek Supported Remote Access (WFH) Solutions
November 23, 2020
5 Misconceptions about Cybersecurity and your Business
December 29, 2020
December 1, 2020
Categories
  • Cyber Security
  • Email
  • Information Technology
  • News
Tags

And why should I be worried about this?

Business email compromise (BEC), sometimes known as email account compromise (EAC), is one of the most financially damaging online crimes, and also one of the most common. It exploits the fact that so many of us rely on email to conduct business, both personal and professional.

In a BEC scam, criminals send an email message that appears to come from a known source making a legitimate request, like in these examples:

  • A vendor your company regularly deals with sends an invoice with an updated mailing address.
  • A company CEO asks her assistant to purchase dozens of gift cards to send out as employee rewards. She asks for the serial numbers so she can email them out right away.
  • A homebuyer receives a message from his title company with instructions on how to wire his down payment.
  • Versions of these scenarios happened to real victims. All the messages were fake. And in each case, thousands—or even hundreds of thousands—of dollars were sent to criminals instead.

How do Business Email Compromise scams work?

  1. Spoof an email account or website. Slight variations on legitimate addresses ([email protected] vs. [email protected]) fool victims into thinking fake accounts are authentic.
  2. Spearphishing emails. These messages look like they’re from a trusted sender to trick victims into revealing confidential information. That information lets criminals access company accounts, calendars, and data that gives them the details they need to carry out the BEC schemes.
  3. Malware. Malicious software can infiltrate company networks and gain access to legitimate email threads about billing and invoices. That information is used to time requests or send messages so accountants or financial officers don’t question payment requests. Malware also lets criminals gain undetected access to a victim’s data, including passwords and financial account information.

Business Email Compromise Explains

*Source: https://www.fbi.gov/image-repository/business-email-compromise-timeline-022717.jpg

How to Protect Yourself

  • Be careful with what information you share online or on social media. By openly sharing things like pet names, schools you attended, links to family members, and your birthday, you can give a scammer all the information they need to guess your password or answer your security questions.
  • Don’t click on anything in an unsolicited email or text message asking you to update or verify account information. Look up the company’s phone number on your own (don’t use the one a potential scammer is providing), and call the company to ask if the request is legitimate.
  • Carefully examine the email address, URL, and spelling used in any correspondence. Scammers use slight differences to trick your eye and gain your trust.
  • Be careful what you download. Never open an email attachment from someone you don’t know, and be wary of email attachments forwarded to you.
  • Set up two-factor (or multi-factor) authentication on any account that allows it, and never disable it.
  • Verify payment and purchase requests in person if possible or by calling the person to make sure it is legitimate. You should verify any change in an account number or payment procedures with the person making the request.
  • Be especially wary if the requestor is pressing you to act quickly.

If you have any questions on how you can protect your business from Business Email Compromise threats, contact us today!

Share

Related posts

March 30, 2023

Partek has achieved Sophos Gold Partner status! 🌟


Read more
February 9, 2023

What is Phishing?


Read more
January 9, 2023

Social Engineered Cyber Attacks


Read more
December 5, 2022

Define your cybersecurity risk


Read more

[email protected]
[email protected]

Medicine Hat

202 – 132 4th Ave SE
Medicine Hat, Alberta
T1A 8B5
(403) 488-3333

Swift Current

101 – 140 2 Avenue NW
Swift Current, Saskatchewan
S9H 0P2
(306) 437-0803

Get the latest from Partek

Email updates on the latest tech, cyber-security advice, best business practices, and Partek news.

  • Open a Support Request
  • Remote Support Portal
  • Make a Payment
  • Partek Client Portal
  • Careers
© 2023 Partek I.T. Solutions | All Rights Reserved | Privacy Policy