Online payment fraud targeting organizations, known as business email compromise (BEC) schemes, can cause substantial financial losses. BEC refers to the act of breaking into a valid email, text messaging, or social media account without authorization or the effort to impersonate or spoof a legitimate account.
The idea is to provide the criminal the ability to communicate on behalf of a vendor, customer, or executive to persuade a worker to pay money.
Recovering the loss is difficult, if not impossible after this money is given to the illegal actor. About $2.7 billion was lost to BEC fraud in 2022. A financially disastrous error can occur in a matter of minutes and happen to everyone. The effect is the same whether the person is a recruit, a 20-year veteran, a payables manager, or the CEO.
The good news is that companies have options for reducing and managing risk.
How to Recognize Warning Signs of Bec and Lower Risk
The two most crucial defenses against BEC are knowledge and alertness. Here are a few BEC warning signs to watch out for when you get correspondence about transactions or money transfers.
Features of communication
Communications that were tampered with the spelling and domains on the email received payment demands carefully. Make that the sender's address (phone number, email address, etc.) is right by carefully checking if any letters, digits, or domain names are off.
Utilizing individual accounts Instead of utilizing their regular corporate accounts on social media, mobile phones, or email, criminal actors would pose as company executives, suppliers, or clients.
How a Business Is Selected for BEC
Criminal actors may do background checks on the business, its personnel, and senior management before initiating a BEC scam to obtain as much information as possible to aid in the creation of a convincing request. They might even go into social media accounts, read other company correspondence, and verify trip arrangements.
The majority of the time, criminal actors pose as high-ranking executives (CFO, CEO, CTO, etc.), attorneys, suppliers, clients, or other representatives. They will request that an urgent wire transfer be started in the correspondence, claiming to be handling confidential or time-sensitive affairs.
Interestingly, these urgent requests also include creating a new account or modifying the receiving account (which eventually goes to the criminal actor). The staff member could carry out the money transfer if they think the request is valid.
Social Engineering Fraud Is Called BEC
The problematic thing about BEC is that social engineering is used to accomplish the goal rather than malware or hacking. These dishonest individuals fabricate plausible narratives to deceive a worker into sending money.
Social engineering is the practice of tricking someone into disclosing private information or acting in a way that encourages fraud.
We are naturally inclined to trust and desire to assist. Cybercriminals lure victims around crucial security measures by playing on human psychology and nature.
Ways to Assist in Preventing BEC
Examine requests for payment changes in detail.
Every payment request that is accompanied by an adjustment to the receiving account has to be carefully scrutinized.
Use a different line of contact to get in touch with executives, suppliers, or clients to confirm the request and the updated account details. Make sure the person making the request is authorized by utilizing a reliable phone number for a recognized contact at the company, not the number offered in the email, text, or social media message.
Stop to Be Sure
Delay the transaction until more verifications can be completed when requested to verify a wire transfer, and demand dual permission for any wire transfer request that satisfies specific high-risk requirements.
Establish a Trusting Atmosphere
Criminal actors impersonating top executives within corporations are the cause of many BEC frauds. Workers should not be concerned about taking a moment to confirm a senior leader's request for a cash transfer over the phone or in person.
Workers should be urged to control their propensity to lend a hand and to curb their enthusiasm to give leadership demands priority.
According to the FBI, the biggest financial swindle in the United States is BEC. Make sure the executives and staff of your business are aware of the dangers posed by this scam and know how to spot BEC warning signs and lower risk by taking appropriate action.