Business email compromise (BEC) is an online scam where a cybercriminal impersonates a business representative to trick you, an employee, customer or vendor into transferring money or sensitive information to the scammer.
A local business recently fell victim to this scam, with devastating results. They have kindly shared the details to warn fellow businesses to look out for the warning signs.
The business owner lost a significant amount of money after the scammer posed as one of her creditors, by sending a fraudulent invoice with an almost identical email address – only one letter was different, which made the change inconspicuous. The business owner noticed that the BSB and account number were different, but with her busy operation, didn’t think to call the real accounts person and double check.
Following the transaction, someone rang to impersonate the ‘real’ company and say they had received the money in their bank account.
Even with a high level of awareness of scams, we can still get caught out in the business of everyday life.
Be mindful of email addresses. If it looks wrong, double check with the email in your system or from previous transactions. Check for errors, extra characters, or the use of a different domain (eg .net instead of .com)
If account details change, always call your creditor to check before paying the account.