How to spot business email compromise and mitigate damage

The interconnectivity of today’s business landscape has given rise to an increasingly common form of cybercrime: business email compromise (BEC) schemes. BEC involves exploiting the trust of company employees and manipulating them into participating in fraudulent activities or transactions. It has become a popular scam tactic with a current average of 156,000 daily attempts, and it typically leads to significant financial loss and compromised sensitive data.

This is why it’s important to understand the red flags surrounding these schemes and implement the security measures necessary to combat them. Here are a few ways to spot BEC attacks and mitigate their threats.

1. Requests for financial transfers

One of the most common signs of a BEC scheme is the request for urgent financial payments. Attackers will typically pose as company executives, vendors, clients, or even colleagues, sending out emails asking employees to initiate wire transfers, make invoice payments, or purchase expensive items on behalf of the company. Oftentimes, these scammers will cite “confidentiality” reasons as an excuse to avoid giving further details on the nature of these transactions.

Employees must therefore exercise caution when receiving such requests and verify their authenticity through official communication channels and/or by speaking directly with persons in authority. It’s also crucial to implement strict authorization protocols and to train employees in how to scrutinize financial transfer requests, so your organization can effectively mitigate the risk of falling victim to these scams.

2. Requests for personal information

Requesting personal (and often financially related) information is another blatant red flag of most BEC schemes. Attackers may impersonate business executives, trusted vendors, or human resources personnel, and email employees to ask for sensitive data, such as their payroll information and Social Security numbers. They will make these requests for purportedly official purposes, such as to “update employee records.”

Such tactics belong to a category of cybercrime called social engineering, which involves the use of psychological manipulation to trick victims into willingly sharing their sensitive information. Social engineering attacks accounted for almost half (43%) of all cyberattacks experienced by small businesses in 2022, and further highlight the need for awareness, caution, and extra authentication when sending one’s personal details over email.

3. Suspicious email attachments

If an email looks sketchy or too good to be true, then it probably is.

Scammers will often use enticing content in the form of an email attachment, such as links to flash offers, prize notifications, or urgent documents, to pique the recipient’s curiosity. These attachments typically contain malicious software, such as ransomware or keyloggers, that can compromise the recipient’s system and lead to unauthorized access or data loss. Exercising caution is therefore crucial when encountering unexpected email attachments, particularly when they come from unfamiliar or suspicious sources. Having robust email filtering systems and up-to-date antivirus software in place is also highly recommended for extra protection.

4. General unprofessionalism

A glaring indicator of a possible BEC scheme is the general lack of professionalism displayed in the email. This could include overtly careless mistakes, such as spelling errors, grammatical mistakes, or inconsistent formatting. Additionally, these emails may be sent outside of regular business hours or during non-business days when it would be unusual for legitimate communication to occur.

Be sure to also watch out for a lack of detail regarding the sender’s information. Suspicious emails will often keep the sender’s name vague, unclear, or altogether absent from the message. Carefully review such messages for any of these red flags and report any concerning incidents to your organization’s IT department.

5. Misspelled email addresses

Lastly, it’s important to carefully review the email addresses of any suspicious or supposedly urgent emails. Address spoofing is a common tactic used by attackers in BEC scams, in which the sender forges the email address of a trusted contact, making the message appear legitimate. Unsuspecting recipients of such emails are more likely to send over their personal information or credentials.

Spoofing an email address is often done by making slight alterations to the original address or by using domain names that closely resemble legitimate ones. For example, cybercriminals may replace an “I” with a lowercase “L” or use a domain such as “” instead of “”. It’s vital for employees to scrutinize sender email addresses for any irregularities and to contact the supposed sender through a verified channel before acting on any important transactions.
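The look-alike check described above can also be automated at the mail gateway or in a reporting tool. The following Python sketch is an added example, not part of the original article: the trusted domains, the confusable-character map, the distance threshold, and the sample headers are all constructed assumptions.

```python
import unicodedata
from email.utils import parseaddr

# Constructed allow-list (assumption): replace with your organization's real domains.
TRUSTED_DOMAINS = {"example.com", "example-vendor.com"}

# Assumed, non-exhaustive map of characters commonly swapped for a look-alike.
CONFUSABLES = str.maketrans({"l": "i", "1": "i", "0": "o", "5": "s"})

def skeleton(domain):
    """Collapse visually similar characters so look-alike domains compare equal."""
    folded = unicodedata.normalize("NFKC", domain).lower().translate(CONFUSABLES)
    return folded.replace("rn", "m").replace("vv", "w")

def edit_distance(a, b):
    """Levenshtein distance, used to catch typos the confusable map misses."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(from_header, max_distance=2):
    """Return (verdict, trusted domain it resembles or None) for a From header."""
    address = parseaddr(from_header)[1]
    if "@" not in address:
        return ("invalid", None)
    domain = address.rsplit("@", 1)[1].lower()
    if domain in TRUSTED_DOMAINS:
        return ("trusted", domain)
    for trusted in sorted(TRUSTED_DOMAINS):
        near = edit_distance(domain, trusted) <= max_distance
        if skeleton(domain) == skeleton(trusted) or near:
            return ("lookalike", trusted)
    return ("unknown", None)

# Constructed sample From headers, not taken from real mail.
SAMPLES = [
    "Alice CFO <alice@example.com>",
    "Alice CFO <alice@exampIe.com>",       # capital I in place of lowercase l
    "Billing <ap@examp1e-vendor.com>",     # digit 1 in place of l
    "Bob <bob@exmaple.com>",               # transposed letters
    "Newsletter <news@unrelated.org>",
]

if __name__ == "__main__":
    for header in SAMPLES:
        print(classify_sender(header), header)
```

A "lookalike" verdict is a reason to quarantine or banner the message, not proof of fraud. This check only covers near-miss domains; an exactly forged address has to be caught by SPF, DKIM, and DMARC validation.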

Protect your company from the risks of business email compromise today. With cyberattacks on the rise, it pays to stay vigilant with the right security measures. XBASE Technologies offers comprehensive cybersecurity solutions to help you identify, mitigate, and respond to potential data threats as they arise. Keep your infrastructure, employees, and customers safe — enquire with our experts today.