Warning Signs of a Business Email Compromise Attack

Business Email Compromise (BEC) is an increasingly common scam targeting companies and individuals who perform financial fund transfers.

These complex attacks work by threat actors hacking into corporate e-mail accounts and using the information to trick third-parties into making fraudulent wire transfers, with a heavy reliance on social engineering to convince somebody to hit send. This type of cybercrime can sometimes pay off better than ransomware-related compromise events, with the FBI reporting this type of attack costing organizations an estimated $1.77 billion in losses in 2019.

Luckily, these types of attacks are typically easy to spot early on. Here are a few warning signs you should be aware of that would tip you off.

  • You have noticed an increase in phishing emails to your employees
  • Your clients or vendors are reporting an increase in phishing emails that are spoofed and have convincing signatures or email addresses similar to yours
  • Wired money goes missing, or it is discovered that the payments went to the wrong account
  • Your employee(s) notice they are missing parts of an email conversation or emails are being forwarded to their RSS Subscriptions or Junk email folders
  • Alerts are being generated for email forwarding rules that route email outside of your domain
  • You just moved your employees into Microsoft Office 365 or G-Suite and have not gone through the process of securing the environment

About Schneider Downs Cybersecurity

The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. For more information, visit www.schneiderdowns.com/cybersecurity or contact the team at [email protected].

If you suspect or are experiencing a network incident, our Incident Response Team is available 24x7x365 at 1-800-993-8937.

Want more cybersecurity content? Subscribe to our bi-weekly newsletter, Focus on Cybersecurity, for the latest insight and news in the cybersecurity world.

You’ve heard our thoughts… We’d like to hear yours

The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at [email protected].

Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.

© 2024 Schneider Downs. All rights-reserved. All content on this site is property of Schneider Downs unless otherwise noted and should not be used without written permission.

our thoughts on
Get the Low Down Before You Download: Exploring the Temu App’s Security Risks
Six-Figure Ransomware Attack Hits Washington County, PA
Romance Scams: Guarding Your Heart and Wallet
A First of Its Kind: The $25 Million Deepfake Scam
Fortifying Retail Security: Essential Cybersecurity Tools and Software
Defend Your Dollars and Data: How to Avoid IRS Impersonation Scams
Register to receive our weekly newsletter with our most recent columns and insights.
Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.

Ask us
contact us

This site uses cookies to ensure that we give you the best user experience. Cookies assist in navigation, analyzing traffic and in our marketing efforts as described in our Privacy Policy.