Eight Tips for Avoiding Business Email Compromise Scams


Citizens Bank marks Cyber Security Awareness Month with some tips for handling email

Citizens Bank is marking Cyber Security Awareness Month this October by offering eight tips for handling email.

“Handling email can be a challenge as our inboxes have become inundated and we have less time to manage the information flow,” said Michael Cummins, head of Treasury Solutions at Citizens Bank. “Hackers keep coming up with new ways to attack systems so it is important for business executives to remain vigilant and not make it easy for them to gain access.”

In many cases, with business owners focused primarily on day-to-day operations, cyber security is only a focal point when there is a problem. But business owners who establish proactive cyber security strategies are better able to avoid those problems and ensure that their companies are less vulnerable to attack.

Consider the following tips for handling email:

Treat email with caution – email is a gateway into your computer and personal information, so make sure you only open emails/attachments from known senders and, in general, be wary of emails with attachments and links.

Check for spoofed (i.e. false and deceptive) domain names – this can help you identify if someone might be launching a Business Email Compromise (BEC) scam against your company.

Limit publicly available information – criminals use public information to target companies for BEC scams.

Implement a formal process for money transfers and documentation requests - ensure there is a formal process for high-risk transactions such as wire transfers and requests for sensitive documentation.

Require dual approval for high-risk transactions -- segregation of duties and including more than one individual in a transaction is a great way to help mitigate external and internal fraud.

Use Forward instead of Reply – when receiving an email requesting a money transfer or for sensitive information, using forward and sending it back to the intended recipient can help you avoid falling victim to a BEC scam that utilizes a spoofed domain.

Use Out of Band to Verify – use a different channel to verify. If the request came in via email, use phone and vice versa.

Don’t get complacent – fraud is ever-changing, keep up to date with the latest fraud trends by visiting citizensbank.com/security and other online sources such as staysafeonline.org.

“The most important tip may be the last one – don’t get complacent,” said Cummins. “These tips can help reduce the risk that you will be vulnerable to Business Email Compromise scams, but you and everyone on your team needs to be on the alert if we are going to mitigate that risk.”

Citizens is a trusted strategic and financial advisor, consistently delivering clear and objective advice. The Citizens Commercial Banking approach puts clients first by offering great ideas combined with thorough market knowledge and excellent execution to help our clients enhance their business and reach their potential.

For more information, please go to the Citizens Commercial Banking website.

It's on us. Share your news here.

Submit your stories and articles to citybizlist today.