Protect Yourself from Business Email Fraud

Cyber attackers continue to evolve an email attack called CEO Fraud or Business Email Compromise. These are targeted email attacks that trick their victim into wiring money to cybercriminals. The FBI says losses are already in the billions of dollars and are growing. The cyber attackers research their intended victim on the internet, then craft an email pretending to be your boss or a senior executive with an “emergency” requiring urgent wiring of funds to the cybercriminal.

So, what can you do to protect yourself? Common sense is your best defense. Here are the most common clues to look for:

  • The email is very short (often only a couple of sentences), urgent and the signature says the email was sent from a mobile device.
  • There’s a strong sense of urgency, pressuring you to ignore or bypass your employer’s policies. Always follow work-related policies and procedures, even if the email appears to come from your boss or the CEO.
  • The email is work-related but uses a personal email address, such as @gmail.com or @hotmail.com.
  • The email appears to come from a senior leader, coworker or vendor you know or work with, but the tone of the message does not sound like them.
  • Payment instructions are provided, but these instructions differ from ones you already received, such as requesting immediate payment to a different bank account.

If you suspect you have been targeted at work, stop all interaction with the attacker and report it to your supervisor. If you have been targeted at home or you have fallen victim and a wire transfer was made, immediately report it to your bank, then to law enforcement.

Finally, enable multi-factor authentication on all of your accounts. By adding extra layers of credentials to prove the person signing in is truly who they say they are, you make it harder for the cybercriminal to carry out an attack.

For more information on this cyber fraud known as Business Email Compromise or CEO Fraud, visit www.sans.org/security-awareness-training/resources/ceo-fraudbec.

–Courtesy SANS Security Awareness

About This Author

avatar

Ross Bentzler

Ross Bentzler is Executive VP and Information Security Officer for Alpine Bank. Ross has worked in the information technology field for two decades, focusing on information security for 13 years.

More about Ross Bentzler

LinkedIn

Related Products

Liberty Checking

Get all the checking essentials, including digital services. On top of that, waive the statement fees by going paperless.

Learn More about Liberty Checking

Loyalty Visa® Debit Card

Give back to your chosen cause. Whether it's the arts, education, environment or beyond, small change makes a big difference.

Learn More about Loyalty Visa® Debit Card

Green Lending

Various consumer and business loan programs to help our customers make energy and resource improvements to their lives.

Learn More about Green Lending
Allpoint It’s your money after all. Find a surcharge-free ATM
FIND A SURCHARGE-FREE ATM!
AllPoint