Business Email Compromise


What It Is

When a criminal sends a fake email or
invoice asking for a payment, usually by
impersonating a known business contact


When & How It Happens

INVOICE

Fake supplier invoice with
a new account number

PAYEE CHANGE

A business contact requests for payments to be made
to a new account

EXECUTIVE

A payment request from an internal senior manager

REAL ESTATE

Changes to a beneficiary
account during a property
purchase or sale


Why It's Still A Problem

$12.5 BILLION

value of known BEC
attempts in last
4.5 years*

136% INCREASE

in attempts in last
18 months*

150 COUNTRIES

in which BEC attempts
have been reported*

77% OF BUSINESSES

experienced a BEC
attempt during 2017**

19% OF VICTIMS

had at least
$250,000 stolen
in a BEC attack**


How To Avoid It

CALL BACKS

Pick up the telephone
and call the sender to
confirm the request

DUAL APPROVALS

Ensure two people need to
approve any payments
to a new beneficiary

RED FLAGS

Be wary when a payee is
changed after an order has
been placed, or the payment
is marked as urgent

AWARENESS

Warn your colleagues,
so the whole team
understands the risk


* Source – FBI Public Service Announcement I-071218-PSA
** Source – AFP 2018 Payments Fraud & Control Survey

To access the full infographic, Download PDF