
Regions Bank: Doing More Today: Good stories. Better insights. More possibilities.

Category: Fraud Prevention

Business Email Compromise Basics

Learn the three steps that can help fight the No. 1 type of fraud most businesses face.

By Jeff Taylor | October 12, 2022

October is Cybersecurity Awareness Month, a collaborative effort between government and industry to raise understanding nationally and internationally. This year’s theme is “See Yourself in Cyber” – and all month long, Regions will be providing tips, information and resources on how you can stay cyber aware to make smart decisions that keep you, your family and your community safe online.

What is the No. 1 fraud vector impacting businesses and consumers? Business email compromise, or BEC.

Businesses across the world are affected as fraudsters create seemingly legitimate requests for a change in payment instructions, a new payment, or even a redirection of the direct deposit of payroll for an employee.

Each iteration of business email compromise has its own nuances and attack vectors.

Take a minute to look at each one:

  • Executive Impersonation

    The oldest form of BEC, this tactic involves the impersonation of a trusted authority figure like a C-suite executive, an attorney or a manager. The fraudster creates an email that appears to originate from the trusted authority, requesting a new payment or a change to an existing payment. The fraudster may use one of the free email services with an address that mimics one that might be associated with the trusted authority. The request may indicate the executive is working from home or traveling and using a personal email address to request the change. In fact, it is the fraudster making the request to redirect a payment to an account they control.

  • Vendor Impersonation

    This BEC tactic is very similar but involves the impersonation of either a current or new vendor making the request. In many cases, the fraudster may have compromised the vendor’s email and has “nested” themselves in the platform to monitor activity. At some point, the fraudster will insert themselves into the conversation, request the change, then redirect email traffic to an external email account. In some cases, the fraudster may request that additional services, like money movement products, or additional users, be added to their profile. When this happens, it puts both the business and the employee at risk.

  • Employee Impersonation

    These BEC cases typically involve the use of a compromised or counterfeit email account designed to impersonate an employee. Using email, the fraudster requests a change to, or initiation of, direct deposit of payroll to a new account number. Once the request is processed, the next payroll is credited to the new account controlled by the fraudster. The transaction amounts are usually smaller than vendor payments but have a significant impact on the employee and employer.

 

While there are a number of red flags and characteristics indicating business email compromise, it is still difficult to identify a well-crafted email request. Fraudsters have become much more adept at researching their victims and impersonating them in ways that may seem legitimate.

One way to help avoid becoming a victim is to employ a simple technique endorsed by the industry called STOP-CALL-CONFIRM.

 



When you receive an email requesting a change in payment instructions; the addition of services like wire, ACH, or administrative access; or a request to create a payment:

  • STOP what you are doing and review the email address for any discrepancies or anomalies.
  • Pick up the phone and CALL the requestor at a number you know (don’t call the number in the email or respond to the email because you will likely be corresponding with the fraudster).
  • CONFIRM the request as legitimate.

 

It can take less than five minutes to make the call.

Every one of us can help prevent fraud by embracing the 2022 Cybersecurity Awareness Month theme, “See Yourself in Cyber.” No matter what role you play, you can help take steps to protect your online information and privacy.

Be fraud-aware and take a risk-based approach with these types of requests. You’ll be glad you did!

 

Learn more about common fraud scams affecting businesses today and how to protect your business from internal and external fraud in the Next Step webinar “Fighting Business Fraud: Prevention & Awareness Tips.”

 

Read more about fighting business fraud on Doing More Today:

  • Difficult Economic Times Breed Business Fraud Schemes
  • 6 Tips for Protecting Your Business
  • 4 Steps to Avoid Vendor Fraud
  • 3 Steps to Keep Your Business Safe from Cyber Attacks

 

The information presented is general in nature and should not be considered legal, accounting or tax advice. Regions reminds its customers that they should be vigilant about fraud and security and that they are responsible for taking action to protect their computer systems. Fraud prevention requires a continuous review of your policies and practices, as the threat evolves daily. There is no guarantee that all fraudulent transactions will be prevented or that related financial losses will not occur. Visit regions.com/STOPFRAUD, or speak with your Banker for further information on how you can help prevent fraud.