We call it business email compromise. Fraudsters call it a goldmine for deception.
And it’s as simple as this: a criminal sends an email posing as a high-ranking official in a company requesting payment for an order. Or a criminal impersonates a vendor sending a remittance form for recent work.
Even worse: a criminal poses as the employee of your company and requests account information from a vendor because they need to make a change or update direct deposit payments.
Regardless, the result is the same. Someone not paying enough attention on a fast-paced day is going to get burned for big bucks.
“If something doesn’t look right, trust your gut. Before you fall victim, implement an internal control to confirm all payment requests or changes to an existing payment.”
Jeff Taylor, head of Commercial Fraud Forensics for Regions Bank
“Business email compromise remains one of the most popular fraud trends because it continues to work,” said Jeff Taylor, head of Commercial Fraud Forensics for Regions Bank. “It works because the criminals do a good job of impersonating legitimate people and businesses. And it works because we’re too often in a rush to complete tasks; even important ones like the origination of payments.”
Business Email Compromise Means of Deception
Take a few minutes to make yourself familiar with the most common forms of business email compromise:
- Phishing – using bogus emails to prompt victims to reveal confidential information.
- Email spoofing – criminals try to spoof legitimate email addresses.
- Domain lookalike – Like email spoofing, but instead of creating a similar email address they create a similar website domain address.
- Social engineering – fraudsters use phone calls/conversations to gain trust.
“If something doesn’t look right, trust your gut. Before you fall victim, implement an internal control to confirm all payment requests or changes to an existing payment,” Taylor said.
Related Articles From Doing More Today:
The information presented is general in nature and should not be considered, legal, accounting or tax advice. Regions reminds its customers that they should be vigilant about fraud and security and that they are responsible for taking action to protect their computer systems. Fraud prevention requires a continuous review of your policies and practices, as the threat evolves daily. There is no guarantee that all fraudulent transactions will be prevented or that related financial losses will not occur. Visit regions.com/STOPFRAUD or speak with your Banker for further information on how you can help prevent fraud.