Fraud schemes continue to grow, evolve and target legitimate businesses, nonprofits, government and other public-sector organizations. One of the schemes is Business Email Compromise.
Business Email Compromise is when a legitimate business email account is either compromised or impersonated. The accounts are then used to order or request the transfer of funds. Fraudsters often compromise one of the business' officers and monitor his or her account for patterns, contacts or information. Once the officer is usually away on business, the compromised email account is used to send payment information.
Fraudsters monitor the officer's accounts for patterns, contacts and information.
After identifying the target, ploys are conducted such as spear-phishing, social engineering, identity theft, email spoofing and the use of malware to either gain access to or convincingly impersonate the email account.
Fraudsters uses the compromised email account to send payment instructions.
Payment instructions direct the funds to an account controlled by the fraudster.
"The best way to avoid being exploited is to verify the authenticity of requests to send money by walking into the CEO's office or speaking to him or her directly on the phone," said Special Agent Martin Licciardo. "Don't rely on email alone."
NACHA – The Electronic Payments Association is the steward of the ACH Network – one of the largest, safest and most reliable payment systems in the world. The ACH Network creates value and enables innovation by universally connecting all U.S. financial institutions, and moving money and information directly from one bank account to another.
Due to recently increased security requirements, we at Heartland Bank are no longer able to support version 10 or older of Internet Explorer. We are sorry for this inconvenience, and encourage you to upgrade to more secure options such as Internet Explorer 11, Google Chrome, or Mozilla Firefox.