Business email compromise (BEC) is a type of email information-seeking scam in which an attacker targets a business to defraud the company.
💡Pro Tip: Always pay attention to the style of the email
Is it more urgent than usual?
Does it sound like the style of that employee?
IF ANYTHING IS OUT OF THE ORDINARY:
Check the sender's email address for small spelling mistakes to ensure the email address is legitimate.
If you must answer the email, NEVER HIT REPLY. Instead, compose a separate message by typing out their email address manually.
Always be wary of requests for transfers to offshore accounts.
For any bank information changes or payment requests - ALWAYS CALL the sender by phone to verify the request.
ALWAYS FOLLOW the proper procedures. Any request to bypass procedures could be an attacker.
HOW TO PROTECT YOURSELF:
Don’t click on anything in an unsolicited email or text message asking you to update or verify account information. On most browsers, you can see the target URL by hovering over the link. Do this to check links before you click on them.
Be careful with what information you share online or on social media. By openly sharing things like pet names, schools you attended, links to family members, and your birthday, you can give a scammer all the information they need to guess your password or answer your security questions.
Be careful what you download. Never open an email attachment from someone you don't know, and be wary of email attachments forwarded to you.
Set up two-factor (or multi-factor) authentication on any account that allows it, and never disable it.
Create a strong password. Put more effort into creating your passwords. You can use a tool like howsecureismypassword.net to determine how secure your passwords are.