Protect your business and employees from the business email compromise scams this holiday season.

On By cornhuskerbankIn Safety Tips

The holidays are a time to celebrate. Many businesses are busy planning office parties, and your employees will likely enjoy some well-deserved time off.

Knowing that many of us will be out of the office during the holiday season, some fraudsters use the opportunity to send email messages that appear to come from a company executive. These emails are intended to deceive your employees into sending money or information to fraudsters while the company executive is away on vacation.

These attempts are especially deceitful because emails often make what appears to be a legitimate request, including sending an invoice with updated payment information. Employees believe they are doing what their superiors or coworkers are asking them to do.

Here at Cornhusker Bank, protecting our customers from fraud is a top priority.

Below are some steps to reduce the chances of an employee becoming a victim of business email compromise.

Follow these steps to protect your business and your employees from business email compromise:

  • Educate and train employees to recognize, question, and independently authenticate changes in payment instructions, payment methods (e.g., ACH to wire), or when pressured to act quickly or secretively.
  • Be old-fashioned! Verbally authenticate any changes via the telephone.
  • Review accounts frequently.
  • Initiate payments using dual controls.
  • Never provide passwords, usernames, authentication credentials or account information when contacted.
  • Don’t provide nonpublic business information on social media.
  • Avoid free web-based email accounts for business purposes. A company domain should always be used in business emails.
  • Consider registering domains that closely resemble the company’s actual domain to make impersonation harder.
  • Do not use the “reply” option when authenticating emails for payment requests. Instead, use the “forward” option and type in the correct email address or select from a known address book.

If you do fall victim to one of these fraud attempts, please contact us as soon as possible so we can help you.

Leave a comment