Business Email Compromise – What You Need to Know Now
Protecting your business against the “invisible hand” of payments fraud
Payments fraud is not only alive, but thriving, now slipping its tentacles into 82 percent of companies surveyed for the 2019 AFP Payments Fraud and Control Survey. To put this in perspective, this same survey found 60 percent of companies reporting incidents of payments fraud just five years ago.
These rising numbers naturally beg the question: how are scammers gaining access to the inner sanctums of America’s businesses? While 75 percent of organizations reported check fraud, one increasingly popular way is through a relatively new phishing scheme, business email compromise (BEC). Infiltrating a record 80 percent of surveyed companies in 2018, up from 64 percent in 2014, this insidious break-in tactic relies heavily on social engineering to trick unsuspecting employees.
BEC scammers first do their homework, learning all they can about their corpoce target, typically the CEO, CFO, or any executive authorized to approve the release of confidential data or corporate funds. Then they impersonate that unsuspecting “author” by crafting an email instructing that data or funds (typically in the form of check or wire transfer) be sent to a third party (the scammer). The majority of corporate BEC victims, 54 percent, reported financial loss due to this highly sophisticated—and continually morphing—mode of trickery.
The majority of corporate BEC victims, 54 percent, reported financial loss due to this highly sophisticated—and continually morphing—mode of trickery.
It’s become an almost knee-jerk reaction to blame IT when our business communication systems are compromised. But, according to the Ponemon Institute’s 2019 Cost of a Data Breach Report, one quarter of all corporate data breaches are caused by human error.
Today’s payments fraud trends serve as a warning call for companies to take preventative measures, ranging from employee education to implementing products and procedures that better protect what is typically the weakest link in the chain—the human link.
4 steps you can take to protect your company
Although fraud continues to be a major concern for businesses, the banking industry has taken proactive steps over recent years to help mitigate it. Union Bank, for example, has invested in the technology, tools and expertise to better support early detection and prevention and safeguard our clients’ businesses from loss due to fraud. Only with an aggressive two-line defense—your efforts combined with ours—can payment fraud be reduced, if not prevented.