We’ve all been there. You’re buried in your computer at your desk, and you receive an email that, at first glance, looks like it’s from a loved one, coworker or even your boss. They ask for information and in many cases, money.
Business email compromise (BEC) or email account compromise (EAC) can be one of the most financially damaging crimes. This is a high-level scam which targets people and businesses to complete transfer-of-funds requests, or to gain access to personal information.
IDENTIFYING QUESTIONABLE EMAILS
Because these scammers can be true professionals of their craft, it might be hard to differentiate spoof emails from a real email from someone you know.
In many cases, they will contact you on an email address very similar to your business network’s email. You might receive what looks like an email from your supervisor, John Smith. His actual email is email@example.com. However, this email comes from firstname.lastname@example.org.
These scammers prey on you overlooking “1” added at the end of the email address. They might ask you to confirm your address or purchase gift cards, then reply with the gift card information.
Unfortunately, these scams are frequently successful and result in compromised information or money lost.
If you receive a suspicious email claiming to be someone you know, contact that person using a trusted way of communication. One way is to call a verified phone number for them. When in doubt, always ask the person directly using another form of communication before replying to a questionable email.
If there is a contact number in the email or message claiming to come from a business, do not call it. Use Google as your friend to verify it is a legitimate business number.
DON’T CLICK THE LINK OR DOWNLOAD THE ATTACHMENT
Some internet swindlers will lure you into clicking a link in their spoof emails or text messages. Many of these links contain malware, which is suspicious software used to infiltrate company networks. Malware can give criminals access to legitimate emails which contain sensitive personal or business information. Be especially suspicious of emails urging a quick response for information or a transaction.
You should also never download or open an attachment from a suspicious email or message from someone you don’t know. So, when in doubt, don’t click!
Ameris also recommends:
- Setting up a two-factor authentication (MFA)
- Avoid oversharing personal information online
- Never share your passwords
- Change passwords frequently
- Use different passwords for different applications
REPORT SUSPICIOUS ACTIVITY
Now that you know what to look for, we encourage you to report any suspicious emails or messages to prevent these pervasive scams.
Visit Ameris Bank to learn more.
Published November 2022