According to the FBI (Federal Bureau of Investigation), business email compromise has already caused US based companies alone $14.8 billion in losses between 2013 and 2021 while domestic and international losses are up to $43.3 billion between 2016 and 2021. So…What is business email compromise?
We will refer to the person(s) as “bad guy” for a general description of the person who assumes the identity of a company employee and emails another company employee requesting money be sent out of the company. The “bad guy” can assume the identity of a company employee by hacking into their email account (why strong passwords are so important) or spoofing their email address.
There are various safeguards that can be put into place to circumvent this threat:
- Stay aware of phishing scams by reading about them on the Internet
- When wire transfers and other significant funds are leaving the company, require dual authorization/dual signatures
- Have the employee call to verify the transaction request
- If your employees are accessing company email remotely, require two factor authentication to keep the bad guys from hacking email accounts.
- Register email domains that are similar to your company’s to block bad guys from sending emails that look similar to your company’s. A digital risk protection company can be hired to monitor similar domains.
If you feel you have been victimized by business email compromise contact your financial institution immediately. Centennial Bank customers can call us at (888) 372-9788, use our contact form and asked to be routed or contact your banker directly.