
5 Ways to Protect Yourself Against Business Email Compromise (BEC) Schemes

Dan Lind
BILL, Vice President, Risk Strategy and Operations

These days, it seems like we can't go more than a few weeks without hearing about a new, high-profile data leak or cyber attack. Though tech companies are doing everything they can to protect their customers' sensitive information, cyber criminals are always hatching new, sneaky workarounds.

An increasingly common tactic used to defraud businesses and finance teams is known as Business Email Compromise (BEC). In BEC attacks, criminals use email systems to impersonate someone from within an organization, such as a manager, executive, or CEO. They then send emails to internal teams requesting that payments be made to an illegitimate vendor or bank account.

They might also impersonate an existing vendor, requesting payment to a different bank account than the one that's on file. They may also request a change to their payment information, so that future payments end up in an illegitimate account.

We're always looking for ways to help you navigate the financial tech world safely, so we put together five quick tips for protecting yourself and your business from BEC fraud losses. Stay safe!

1. Watch out for impersonators

If you receive payment instructions from an employee or an executive by email, or if you receive bank account updates from a vendor by email, be sure to follow up with them or a trusted contact by phone to verify their instructions. Never rely on email alone, as the mailbox may have been compromised.

When updating the bank account for a vendor within your account, a message is shown reminding you to verify the authenticity of the bank account number if the information was received by email.

2. Use bill approval workflows

Establish a standard bill approval policy and process within your account, specifying when two or more users must review and approve each bill before a payment is scheduled. Having trusted team members involved adds another layer of scrutiny and helps ensure that all bills and payments are legitimate.

3. Require bill images for all payments

Submit bill images into your Inbox so they can be reviewed by approvers and payers for accuracy and authenticity.

4. Invite vendors to join our Payments Network

Rather than gathering and updating sensitive vendor bank account information within your account, invite your vendors to join our Payments Network so they can safely and securely update their payment information on their own.  

5. Watch for unusual payment requests

Be extra vigilant with first-time vendors and international payments. Also be wary of rushed or urgent payment requests—don’t cut any corners just to meet a deadline.

Other cyber security best practices

For employees:

  • Watch for bogus email messages disguised to appear as real:

    • Fraudsters commonly spoof legitimate email domains with ones that look similar.

    • Hover over the sender's address, or start a reply to reveal the real reply-to address, to make sure it isn't being masked as something it's not.

  • Be suspicious of requests for secrecy or pressure to take action quickly.

  • Immediately report and delete unsolicited email from unknown parties.

For management staff:

  • Provide basic training and advanced education for employees to recognize BEC and phishing schemes.  

  • Be careful what you post to social media and company websites, especially job duties and descriptions, staff hierarchy information, and out-of-office details.

  • Make sure temporary staff covering for your payments employees understand that criminals may pose as employees or vendors to try and manipulate them.

  • Create intrusion detection system rules that flag inbound emails from domains that are similar to the company's email domain.

  • Register all company domains that are slightly different than the actual company domain.
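One way to implement the flagging rule above, as an added example that is not code from BILL or this post: a small Python screen that classifies sender addresses against an assumed company domain, flagging homoglyph swaps, changed top-level domains, near-miss spellings and labels that embed the company name. The domain example-corp.com and the sample addresses are constructed for the example.

```python
import re

# Constructed sample data (not from BILL or any real incident).
COMPANY_DOMAINS = {"example-corp.com"}
SAMPLE_SENDERS = [
    "ceo@example-corp.com",          # genuine internal sender
    "ceo@examp1e-corp.com",          # digit 1 in place of letter l
    "ceo@example-corp.co",           # top-level domain swap
    "ap@exarnple-corp.com",          # 'rn' in place of 'm'
    "ap@example-corp-payments.com",  # company name plus an added word
    "billing@vendor-widgets.net",    # ordinary external sender
]

def normalize(label: str) -> str:
    """Fold characters that look alike on screen (0/o, 1/l, rn/m, vv/w)."""
    label = label.lower().replace("rn", "m").replace("vv", "w")
    return label.translate(str.maketrans("01", "ol"))

def levenshtein(a: str, b: str) -> int:
    """Edit distance, used to catch single typos and swapped letters."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(address: str, company_domains=COMPANY_DOMAINS, max_edits=2) -> str:
    """Return "internal", "lookalike" or "external" for one sender address."""
    m = re.search(r"@([\w.-]+)$", address.strip().lower())
    if not m:
        return "external"
    domain = m.group(1)
    sld = domain.rpartition(".")[0]                # label before the TLD
    for company in company_domains:
        if domain == company or domain.endswith("." + company):
            return "internal"                      # exact domain or a subdomain
        c_sld = company.rpartition(".")[0]
        # Distance 0 covers a swapped TLD or a pure homoglyph substitution;
        # a small positive distance covers typo-squats such as "exampel-corp".
        if levenshtein(normalize(sld), normalize(c_sld)) <= max_edits:
            return "lookalike"
        if len(c_sld) >= 6 and c_sld in sld:
            return "lookalike"                     # company name embedded in a longer label
    return "external"

def flag_lookalikes(senders=SAMPLE_SENDERS) -> list:
    """Addresses an inbound mail rule should flag for manual verification."""
    return [s for s in senders if classify_sender(s) == "lookalike"]
```

Short company names (under six characters) are excluded from the embedded-name rule because they would match many unrelated domains; tune the thresholds to your own domain before using this in a mail filter.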

Using fraud prevention best practices and processes can help protect your business and reduce the risk of loss. Unfortunately, we cannot guarantee recovery of funds after fraud or error has occurred. As we explain in our Terms of Service, you may be liable for unauthorized or fraudulent payments originated using an authorized user's security credentials.
