Did you know?
Business Email Compromise (BEC) is one of the most common threats today. It employs tactics like impersonating an executive, HR, or a trusted vendor to initiate fraudulent transfers of money. According to the FBI, $1.7 billion was lost to BEC in 2019 alone.
Here are tips from the FBI to stay secure:
- Be Skeptical: Last-minute changes in wiring instructions or recipient account information must be verified.
- Don’t Click It: Verify any changes and information via the contact on file—do not contact the vendor through the number provided in the email.
- Doublecheck That URL: Ensure the URL in the email is associated with the business it claims to be from.
- Spelling Counts: Be alert to misspelled hyperlinks in the actual domain name.
- It’s a Match: Verify the email address used to send emails, especially when using a mobile or handheld device, by ensuring the sender’s email address appears to match who it’s coming from.
- Pay Attention: Often there are clues with Business Email Compromise:
- An employee who does not normally interact with the CEO receives an urgent request from them.
- You see data that shows an employee is in one location at 1:00 pm but halfway around the globe 10 minutes later.
- You see activity from an employee who is supposed to be on leave.
- And, As Always, if You See Something, Say Something
If something looks awry, report it to your MSP or a supervisor. And if you have been a victim of BEC, file a detailed complaint with www.ic3.gov.