B.E.C. Scam - Fraud/Scam Types

What is a B.E.C. (Business Email Compromise) Scam

They prey on the business relationship you have with your partners and customers to steal information or for financial gain. The scammers may target and defraud your business through email scams.

How to spot a B.E.C. Scam

In a BEC scam, criminals send an email message that appears to come from a known source making a legitimate request. These scams target businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. Such scams usually target individuals who have the easiest access to company funds.

Before BEC attacks begin, fraudsters collect corporate data through various sources that are publicly available like social media and buying credentials in the dark web to identify targets. Social engineering techniques such as vishing and phishing are also used as baits to solicit company information.

Some of the tactics applied in BEC scams are CEO or founder frauds where you receive emails that are sent from a fraudster impersonating the CEO of your known associate.

In a BEC scam, criminals send an email message that appears to come from a known source making a legitimate request. These scams target businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. Such scams usually target individuals who have the easiest access to company funds.

Before BEC attacks begin, fraudsters collect corporate data through various sources that are publicly available like social media and buying credentials in the dark web to identify targets. Social engineering techniques such as vishing and phishing are also used as baits to solicit company information.

Some of the tactics applied in BEC scams are CEO or founder frauds where you receive emails that are sent from a fraudster impersonating the CEO of your known associate.

How you can prevent a B.E.C. Scam

Verify any changes

Make sure you call and verify any emails that come to you with requests to change their already existing process.

Dual control

Ensure you have practice dual control to further make sure your transaction is getting validated from the maker to the approval.

Train employees to recognise BEC attacks

Ensure employees are adequately trained on cybersecurity threats and the best practices. For example, not to entertain emails by unknown third parties and pay close attention to third party emails with abnormal or uncharacteristic patterns of language and content.

Verify any changes

Make sure you call and verify any emails that come to you with requests to change their already existing process.

Dual control

Ensure you have practice dual control to further make sure your transaction is getting validated from the maker to the approval.

Train employees to recognise BEC attacks

Ensure employees are adequately trained on cybersecurity threats and the best practices. For example, not to entertain emails by unknown third parties and pay close attention to third party emails with abnormal or uncharacteristic patterns of language and content.

Scenario of a B.E.C. Scam

Common type of BEC variation involves impersonating or hacking into vendor accounts to trick the victim. The email to the victim is usually supported with fake invoices or an excuse to change bank transfer details to deposit funds for services and products that are never delivered.

Contact Us

Contact Us immediately if you believe your banking information is compromised or there has been an unauthorised transaction on your account.