Avoiding Common Business Email Compromises and Scams

Identity Protection
Avoiding Common Business Email Compromises and Scams

We’ve all been there. You’re buried in your computer at your desk, and you receive an email that, at first glance, looks like it’s from a loved one, coworker or even your boss. They ask for information and in many cases, money.

Business email compromise (BEC) or email account compromise (EAC) can be one of the most financially damaging crimes. This is a high-level scam which targets people and businesses to complete transfer-of-funds requests, or to gain access to personal information.

The Federal Bureau of Investigation (FBI) estimated from 2016-2019, BEC was a $26 billion scam. At Ameris, we want you to be vigilant of fraudulent email.


Because these scammers can be true professionals of their craft, it might be hard to differentiate spoof emails from a real email from someone you know.

In many cases, they will contact you on an email address very similar to your business network’s email. You might receive what looks like an email from your supervisor, John Smith. His actual email is john.smith@funbank.com. However, this email comes from john.smith@funbank1.com.

These scammers prey on you overlooking “1” added at the end of the email address. They might ask you to confirm your address or purchase gift cards, then reply with the gift card information.

Unfortunately, these scams are frequently successful and result in compromised information or money lost.


If you receive a suspicious email claiming to be someone you know, contact that person using a trusted way of communication. One way is to call a verified phone number for them. When in doubt, always ask the person directly using another form of communication before replying to a questionable email.

If there is a contact number in the email or message claiming to come from a business, do not call it. Use Google as your friend to verify it is a legitimate business number.


Some internet swindlers will lure you into clicking a link in their spoof emails or text messages. Many of these links contain malware, which is suspicious software used to infiltrate company networks. Malware can give criminals access to legitimate emails which contain sensitive personal or business information. Be especially suspicious of emails urging a quick response for information or a transaction.

You should also never download or open an attachment from a suspicious email or message from someone you don’t know. So, when in doubt, don’t click!

Ameris also recommends:

  • Setting up a two-factor authentication (MFA)
  • Avoid oversharing personal information online
  • Never share your passwords
  • Change passwords frequently
  • Use different passwords for different applications


Now that you know what to look for, we encourage you to report any suspicious emails or messages to prevent these pervasive scams.

Visit Ameris Bank to learn more.

Published November 2022

Ameris Bank does not provide, and is not responsible for, the product, service, or overall website content available on this website. Ameris Bank’s privacy policies do not apply to this website and a viewer should consult the Terms of Use on this website for further information.