Knowledge Center

How to Prevent Business Email Compromise

keeping-my-information-safe | Read Time: 2 minutes

By WSFS Contributor | Published: 2019

How to Prevent Business Email Compromise

Maintaining a secure work environment and minimizing fraud are key for business owners today.

One commonly perpetrated type of fraud can be especially costly: business email compromise, more commonly known as BEC. BEC involves a request for a transfer of funds or payment that comes from a hacked or fake account. Often, the sender’s domain and actual email will look very legitimate.

Criminals reportedly stole nearly $750 million from more than 7,000 U.S. businesses from October 2013 to August 2015, according to the FBI. The FBI also estimates that more than $1.2 billion has been lost due to BEC scams when domestic and international cases are combined. Unfortunately, BEC scams often fall outside the provisions of insurance coverage and government protections because companies intentionally send the money.

How can you prevent this type of fraud from happening to your business?

Make sure your employees are trained to recognize the signs of BEC. One very effective way to do this is to have your IT department send simulated phishing attacks.

Implement a detection system that flags emails with extensions that are similar to your company’s email domain.

Carefully evaluate all email requests for funds transfers to determine if the requests are legitimate. Be especially wary of those that are urgent, marked confidential or arrive just before the weekend or a holiday. Often, a simple confirmation phone call to a number you already have on hand (i.e., not a phone number found in the email) can prevent a fraudulent transaction from occurring.

Verify any changes in vendor payment locations or accounts via phone or by using two-factor authentication, such as having a second person at the company sign off on a transfer or payment.

If you’d like more information about what you can do to prevent BEC at your organization, please contact Ray Abbott at rabbott@wsfsbank.com.

Can You Spot a Phishing Scam?

Can You Spot a Phishing Scam? 3 Common Scams and Red Flags

Every day, thousands of people fall victim to fraudulent emails, texts and calls from scammers pretending to be their bank. And in this time of expanded use of online banking, the problem is only growing worse.

Read More
Digital Considerations to Help You Prevent Fraud

Digital Considerations to Help You Prevent Fraud

You’ve seen it – someone sends you an email posing as your bank, asking you to verify your account information. Or maybe your business receives an electronic invoice from a vendor with a minor, yet off-putting, detail – like an unfamiliar email domain name. One small lapse of judgment on your part, and you’re compromised.

Read More
Simple Steps Businesses Can Do to Fight Fraud

Simple Steps Businesses Can Do to Fight Fraud

As financial institutions develop innovative ways to protect the accounts of businesses large and small, so to do criminals work to develop their own methods.

Read More
When Merchants Are Compromised: How Scammers Are Stealing Your Business’ Account Information

When Merchants Are Compromised: How Scammers Are Stealing Your Business’ Account Information

As businesses continue to shift to digital payment systems for in-store and online transactions, fraudsters and financial institutions (FIs) are caught in a game of cat and mouse.

Read More
5 Tips for Keeping Your Mobile Device Secure

5 Tips for Keeping Your Mobile Device Secure

It's important to take the same precautions on your mobile device that you would on your computer to ensure your safety and security.<br>

Read More