How to Spot Business Email Compromise

You receive an email from the CEO asking you to purchase $500 worth of gift cards and provide the codes ASAP. The request came from the CEO’s email address, but they weren’t controlling it, a bad actor was. Business email compromise (BEC), sometimes referred to as CEO Fraud, is becoming a prevalent tool for scammers. Falling victim to this form of fraud is both easy and potentially costly. Here’s what you should look for, and what to do next.

Signs of Business Email Compromise:

  1. The sender is trying to create urgency
  2. The sender is trying to get you to circumvent protocol
  3. There is threatening language in the email
  4. The sender is asking you to wire money or change payment details
  5. The sender is asking you to purchase gift cards or bitcoin
  6. There an attachment that you don’t typically receive – such as an invoice
  7. The grammar and tone are not consistent with the sender

What To Do (And What Not To Do):

  1. Do not respond via email
  2. Do not open any attachments or click any links
  3. Do not complete the request
  4. Reach out to the sender by phone to see if the request is legitimate
  5. Always verbally confirm any email instructions to change payment methods/destinations