According to the FBI, business email compromise (BEC) scams cost businesses and organizations $1.77 billion in losses in 2019 alone. In that same year, the FBI received 23,775 complaints related to this risk.
With business email compromise and other cyber-related risks on the rise, it is more important than ever for businesses and organizations to understand and avoid BEC.
What is business email compromise?
When a cyber criminal impersonates a familiar business associate via email, that’s business email compromise.
Once trust has been gained, the cyber criminal usually attempts to use it for financial gain. For example, they may send instructions to change payment information, directing money into their own account.
What are some best practices to help minimize this risk?
Protect Your System
If your email system is cloud-based, it is vital to implement some type of multi-step authentication process to verify user identities.
Don’t Automatically Trust an Email
Even if an email comes from a familiar sender, it’s possible their account could have been compromised by a cyber criminal.
Verify New Instructions
If someone you’d normally trust sends you new instructions, particularly ones involving money, verify them with a phone call first.
A Step-by-Step Guide to Recognizing a Scam Email
Making the Complex Simple
Business email compromise is a substantial threat for any business or organization. However, with good information and best practices in place, this risk can be minimized.
An SBU risk advisor is able to help you manage the danger of BEC and consider whether cyber liability insurance may be in your best interest.
Please also see this information below in a helpful infographic: