Protect Yourself from Business Email Compromise (BEC) Scams: A Story You Need to Read

December 11, 2024

Imagine this: You run a small business and have a trusted vendor you’ve worked with for years. One day, you receive an email from them, asking for an urgent payment transfer for a big order. The email looks just like any other—familiar email address, familiar tone, even the payment details seem normal. You don’t think twice and send the payment.

A few days later, you get another email from your vendor, confused about why they haven’t received your payment. You check your bank statement, only to realize the money went to the wrong account—one that wasn’t your vendor’s at all. You’ve fallen victim to a business email compromise scam, and now, you’re left dealing with the aftermath.

This type of fraud is becoming more common, but it doesn’t have to happen to you. Here’s how you can protect yourself.

What Is a Business Email Compromise (BEC) Scam?

A business email compromise (BEC) scam happens when fraudsters gain access to a trusted email account, often from a vendor or business partner. Once inside, they send emails requesting wire transfers or ACH payments to fraudulent accounts. Since these emails look like they’re from someone you know, it’s easy to assume they’re legitimate.

Unfortunately, without verifying these requests, you could send money to a scammer. This type of fraud can affect businesses and individuals, and it’s happening year-round, especially as we head into the busy holiday season.

Why Does This Happen?

Hackers often get in through:

  • Weak passwords: Easy-to-guess passwords are a hacker’s entry point.
  • Phishing emails: Fraudsters trick you into clicking on a link or attachment that gives them access.
  • Malware or spyware: Malicious software can track your login information or access your emails directly.

Understanding how hackers get in helps you protect yourself from these scams.

How You Can Protect Yourself

Here are practical steps to safeguard your finances:

1. Always Verify Payment Requests

When you receive a payment request, don’t assume it’s legitimate just because it’s from someone you trust.

  • Call the sender directly using a phone number you already have on file.
  • Confirm the payment details to ensure everything is correct before transferring funds.

2. Check the Email Address Carefully

Fraudsters often use email addresses that look similar to a trusted source. Double-check the sender’s email address before acting on the request.

3. Enable Multi-Factor Authentication (MFA)

Multi-factor authentication adds an extra layer of security. Even if a hacker gets your password, they won’t be able to access your account without the second form of authentication.

4. Educate Your Employees or Family Members

Whether you're running a small business or managing your household, it’s important everyone knows the risks. Educating your team or family members about email scams can prevent costly mistakes.

5. Keep Your Security Systems Updated

Update your email, antivirus software, and operating systems regularly to protect against new threats.

6. Monitor Your Accounts Regularly

Review your bank accounts regularly for unauthorized transactions. If you spot anything suspicious, contact your bank immediately. The sooner you act, the easier it is to resolve the issue.

What to Do if You Suspect You’ve Been Targeted

If you suspect your email or account has been compromised, take immediate action:

  1. Contact Heartland Bank: If you think you’ve been targeted or have fallen for a scam, call or visit us right away. We’re here to help.
  2. Review Your Transactions: Check for unauthorized transactions. If a payment was made incorrectly, we can assist in resolving it.
  3. Change Your Passwords: As soon as you notice suspicious activity, change your passwords on all affected accounts. Enable multi-factor authentication if you haven’t already.

Protect Yourself Year-Round

While scams peak during the holidays, they happen year-round. Stay vigilant and make good security practices a habit. By being proactive, you can protect yourself and your business from email fraud.

At Heartland Bank, we’re committed to your financial security. For more tips on how to protect yourself from scams, visit our Privacy and Security page.

Stay safe, and remember—whenever in doubt, call and confirm payment instructions before taking action.

For more information, check out these helpful resources:

This content is for informational purposes only. Readers should under no circumstances rely upon this information as a substitute for their own research or for obtaining specific advice from their own counsel.

More Blog ArticlesMore Blog Articles