Everyone who has an email inbox knows there’s no shortage of junk coming through. The emails that businesses are becoming more mindful of are the malicious emails that make it through the spam filter.
These malicious emails can be known as business email compromise (BEC), which occurs when fraudsters impersonate company executives and request wire transfers or other type of funds movement over email. When links within the email are clicked or someone actually makes the funds transfer requested, businesses can suffer from both information and monetary loss. While many businesses have implemented training programs for how to spot BEC, many individuals still don’t catch the scam – and that includes senior level management.
Good fraudsters take the time to learn all they can about a company’s top leaders. This may include looking them up on social media sites like LinkedIn that include information about their job and responsibilities. Occasionally, a fraudster will even send emails back and forth with other employees in the company to find the organization’s signature, phone numbers, email structure and the tone used in business communications. They study up so they can mimic their targets as close as possible. So when a CEO receives a well-crafted fraudulent email from the company’s CFO, it can catch the target off guard if they don’t know what to look for – and especially when they are going through emails quickly.
While it may come as a surprise that even highly educated executives can fall for BEC, the reason why is actually not surprising at all. Everyone is busy, especially those in the C-suite. But, it comes down to time – taking the time to stop and really look at emails asking for financial information.
Coupled with time, the best way to avoid BEC is regular training. After Bankers Trust implemented mandatory BEC and security training for all employees, we found more people knew what to look for and took the time to stop and think when they noticed a questionable email.