Protect Yourself from Business Email Compromise

Don't fall victim to Business Email Compromise (BEC). A few simple steps can help you detect a fraudulent email.

Follow these three Cs—Compare, Check, Call—to protect yourself from BEC.

1. Compare Email Addresses

Comparing email addresses is the first step in identifying a potentially fraudulent message. Common email address variations in BECs include:

  • Deceptive characters. For example, the letter "W" in a legitimate email address may appear as a double "V" in a BEC message, to trick recipients into trusting a phony email address.
    Example: vs.
  • Incorrect punctuation. Misplaced punctuation in an email address may be an indication of BEC; compare the email address in question to a previous, verified message to make sure punctuation is in the right place.  
    Example: vs.
  • Misspelling. It's easy to miss a typo in an email address; read the sender's email address carefully to spot a fake one.
    Example: vs.
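
The comparison above can also be automated as a first-pass filter. The following is an added example, not part of the original guidance: it checks a sender against a list of verified addresses and labels near-matches with the three variation types listed above. The address book, the function names and the edit-distance threshold of 2 are assumptions chosen for illustration.

```python
import re

# Constructed sample address book of verified client addresses (assumption).
VERIFIED = {"j.walker@example.com", "maria.lopez@example.org"}

def _fold(addr):
    # Collapse the look-alike sequence the page describes: double "v" posing as "w".
    return addr.replace("vv", "w")

def _strip_punct(addr):
    # Drop dots, underscores and hyphens so only misplaced punctuation differs.
    return re.sub(r"[._-]", "", addr)

def _edit_distance(a, b):
    # Classic Levenshtein distance, computed one row at a time.
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_sender(sender, verified=VERIFIED):
    """Return (label, matched_verified_address_or_None) for a sender address."""
    s = sender.strip().lower()
    if s in verified:
        return ("verified", s)
    for good in sorted(verified):
        if _fold(s) == _fold(good):
            return ("deceptive-characters", good)
        if _strip_punct(s) == _strip_punct(good):
            return ("incorrect-punctuation", good)
        if _edit_distance(s, good) <= 2:  # threshold is an assumption
            return ("misspelling", good)
    return ("unknown", None)

if __name__ == "__main__":
    # Constructed sample senders; any label other than "verified" means
    # the request should be confirmed by phone before acting on it.
    for addr in ["j.vvalker@example.com", "jwalker@example.com",
                 "maria.lopes@example.org", "billing@vendor.example"]:
        print(addr, "->", check_sender(addr))
```

A "verified" result only means the address matches; the language check and the phone call in the next two steps still apply.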

2. Check the Language

Fraudsters can still mask a false email address behind a legitimate address you trust, so it's best to also check the email for unusual language.

Check for misspelled words or misused grammar, and whether the email sounds like your client.

Examples of unusual language:

"It's really important this money goes out but I'm not available so don't call me just email me."

"I need this done today but I'm at the doctor's office. You can reach me through email."

"Make this one time exception. I really need to get this done ASAP!" 

If the scenario presented in the email doesn’t make sense, remember—they are placing the urgency on YOU for a reason!

3. Call the Client

The most important step of all… pick up the phone and call the client*. 

Emailing the client to confirm their request is futile if you are already communicating with a suspect. It’s better (and easier) to apologize for the inconvenience of a phone call than to apologize for a $100,000 loss. In the end, clients will thank you for protecting them.

*Don’t use a phone number from suspicious email correspondence. Obtain the client’s phone number from a verified source.