Adam Determann

Apr 11 2019

Protect Your Business Against Email Compromise


What is Business Email Compromise?
Business Email Compromise (BEC) is a sophisticated scam targeting businesses that perform wire transfers and/or ACH payments. The scam is carried out when business email accounts are compromised to conduct unauthorized funds transfers, most commonly, wire transfers and/or ACH payments. The cybercriminal could, however, try to conduct unauthorized funds transfers through methods the victim would normally use (i.e. checks).

Victims of BEC can range from small businesses to large corporations and anywhere in between, with the selection of victims being largely unknown. The cybercriminals study their victims to identify individuals and procedures within the company so they can perform unauthorized funds transfers or wire transfers.

Statistical Data
BEC continues to grow, evolve and target businesses of all sizes. Between December 2016 and May 2018, there was an increase of 136% in identified global exposed losses – which include actual losses and attempted losses. The BEC scam has been reported in all 50 states and in 150 countries. From October 2013 to December 2018, there was a domestic and international exposed dollar loss of $12,536,948,229.

The following BEC statistics were reported in victim complaints to the IC3 from October 2013 to May 2018:

  • Total US victims: $41,058
  • Total US exposed dollar loss: $2,935,161,457

Scenarios of BEC
There are multiple scenarios a victim might see if they are scammed with Business Email Compromise.

  1. Foreign Supplier. A cybercriminal will spoof a foreign supplier’s invoice to request payment to an account different than the normal payment would go to. Contact is made to the business as the supplier would normally make contact (i.e. phone, fax, email, etc.).
  2. Business Executive. A cybercriminal hacks or spoofs a business executive’s (i.e. CEO, CFO) email account to send an email to another employee requesting a transfer of funds, normally a wire transfer, to the cybercriminal’s fraudulent account.
  3. Compromise Personal Email. An employee’s personal email account is hacked and the email is used for both personal and business communication. The email is then used to request invoice payments from a vendor to a fraudulent bank account.
  4. Attorney Impersonation. Victims are contacted by cybercriminals posing as lawyers or representatives of law firms, claiming to be handling confidential and/or time-sensitive matters. The cybercriminal will discuss the need for funds transfer.
  5. Data Theft. Much like the Business Executive scenario, a cybercriminal hacks or spoofs a business executive’s email account, but instead of requesting funds transfer they request W-2s or other personally identifiable information.

Suggestions for Protection

  • Be aware of the BEC scam to avoid falling victim.
  • Use robust internal prevention techniques at all levels.
  • Avoid free web-based email accounts (i.e. Gmail, Yahoo, etc.).
  • Be suspicious of requests for secrecy or pressure to take action quickly.
  • Scrutinize all emails requesting transfer of funds.

If You Are a Victim…

  • As soon as you discover the fraudulent transfer, immediately contact your financial institution.
  • Request that your financial institution contact the corresponding financial institution where the fraudulent transfer was sent.
  • Contact your local Federal Bureau of Investigation (FBI) office if the wire is recent. The FBI, working with the United States Treasury Financial Crimes Enforcement Network (FinCEN), might be able to help return the funds.
  • File a complaint, regardless of dollar loss, with

When contacting law enforcement or filing a complaint with IC3, it is important to identify your incident as BEC. Also, consider providing the following information:

  • Originating business name, originating financial institution and address, originating account number
  • Beneficiary name, beneficiary financial institution name and address, beneficiary account number
  • Correspondent bank, if known or applicable
  • Dates and amounts transferred
  • Email address of fraudulent email

You should provide as much detailed information as possible, including, but not limited to:

  • Date and time of incidents
  • Highly detailed information regarding the fraudulent phone calls and/or emails
  • Email address and/or phone numbers used for the fraudulent contact(s)


Adam Determann

About Adam Determann

Adam Determann is a First Vice President, Treasury Management Specialist at Hills Bank’s Marion 7th Avenue location and has been with Hills Bank since 2017. He started his career in banking in 2011 and has been in a Treasury Management role since 2013. He is a seasoned Certified Treasury Professional ® who understands how to help business customers with their payment, collection and fraud mitigation needs. Adam can be reached at The Certified Treasury Professional ® (CTP) designation is evidence that an individual is certified in corporate treasury and cash management. The credential is awarded based upon experience and passing of a rigorous examination that provides objective measure of an individual's broad-based knowledge and competency in treasury management. Ongoing professional development is required in order to maintain the credential. The CTP is administered by the Association for Financial Professionals, the leading association for treasury and financial management professionals.

This entry was posted in Business Tips and tagged , , . Bookmark the permalink.