You receive an email from your chief executive officer (CEO) requesting that you purchase gift cards for your fellow employees. The CEO wants it to be a surprise and asks you to share photos of the front and back of the card so that they can send them to your teammates. You don’t want to spoil the surprise, so you don’t share it with your coworkers and simply fulfill the request. However, later you find out the email wasn’t from your CEO and was actually from an imposter. You have been victimized by a business email compromise (BEC) scammer, and the con artist has run off with the money.
BEC fraud is an email phishing scam targeting employees who pay invoices and handle the money in a business, government or nonprofit organization, according to the Better Business Bureau (BBB). The FBI indicates the global cost of BEC scams was $43 billion from June 2016-December 2021.
The Federal Bureau of Investigations (FBI) recognizes six types of BEC fraud.
- A CEO directs an accounting staff member to send funds to another party.
- A supplier asking for their payment to be sent to a new address or bank account.
- An executive requests copies of employees’ W-2 forms.
- A real estate professional diverting escrow payment, deposits or proceeds to a new account.
- A direct deposit change from an employee.
- A clergyman or employer asking for donations for their organization.
These requests are not uncommon, and many employees feel intimated to verify the request as they don’t want…
