Business Email Compromise (BEC)
What is it?
Business email compromise, also referred to as imposter email, is a threat designed to trick the victim into thinking they received an email from a company leader like the CEO or CFO. The email is usually asking for either: a transfer of money out of the company or employee personally identifiable information such as W2 forms.
How to prevent it?
Since Business Email Compromise relies on social engineering rather than malware, these imposter emails can often evade security solutions that look for malicious content or behavior. Because of this, vigilant employees are the best defense against these impostor emails. Another way to prevent business email compromise is to add more steps to the wire transfer process to verify the request and ensure that no one transfers money to an imposter. If an employee receives a request for a wire transfer. require that they very requests with a telephone call or require two different people to initiate and approve wire transfers.
What should I do if this happens to me?
Contact Dynamic Solutions Group right away and inform us of the problem so that we can get started with trying to recover the money that was transferred or the information that was provided.
Victims should always file a complaint regardless of dollar loss or timing of incident at www.IC3.gov and, in addition to the financial information, provide the following descriptors:
- IP and/or e-mail address of fraudulent e-mail
- Date and time of incidents
- Incorrectly formatted invoices or letterheads
- Requests for secrecy or immediate action
- Unusual timing, requests, or wording of the fraudulent phone calls or e-mails
- Phone numbers of the fraudulent phone calls
- Description of any phone contact to include frequency and timing of calls
- Foreign accents of the callers
- Poorly worded or grammatically incorrect e-mails
- Reports of any previous e-mail phishing activity
