Cyber Health

Business E-mail Compromise: What it is and how to avoid it

Business email compromise (BEC) is a type of online scam where a cybercriminal tricks a company or its employees into transferring money or sensitive information to the fraudster's account.

The scam typically starts with an email that looks like it is from a trusted source, such as a colleague, supplier, customer, or boss, but is actually from the fraudster. The email uses social engineering techniques to persuade the recipient to perform a specific action, such as wiring money, changing bank account details, providing sensitive information, buying gift cards, or sending funds to a specific account.

BEC attacks can be very convincing, as the fraudsters often spend time researching their targets, and they may use language and tactics that make the emails seem legitimate. These types of attacks can cause significant financial losses for businesses and individuals, so it's important to be cautious when receiving any email that requires you to provide sensitive information or perform financial transactions.

To avoid BEC scams, you should always verify the authenticity of any request for funds or information. Double-check the sender's email address, scrutinize the content of the email, and, if possible, confirm the request by phone or in person with the supposed sender. Additionally, businesses should consider implementing technical security measures such as two-factor authentication, training employees on cybersecurity best practices, deploying Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM) for their mail domain, and monitoring financial transactions for suspicious activity.
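The checks described above (look closely at the sender address, check the SPF and DKIM results, treat payment requests with suspicion) can be automated as a first-pass screen before a human makes the phone call. The following is an added example, not code from PMMI or from this article. It assumes the organisation's own mail domain is example-corp.com, uses two constructed sample messages (one typical BEC lure, one ordinary internal note), and reads the SPF and DKIM verdicts from the Authentication-Results header that the receiving mail server writes.

```python
"""Screen an inbound message's headers and text for common BEC red flags."""
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_DOMAIN = "example-corp.com"  # assumption: the organisation's own mail domain
PAYMENT_WORDS = ("wire", "transfer", "bank account", "gift card", "urgent", "immediately")

# Constructed sample: a lookalike sender domain ('1' for 'l'), replies routed to
# an outside mailbox, failed SPF, no DKIM, and a rushed payment request.
SUSPICIOUS_MESSAGE = """\
From: "Jane Doe (CFO)" <jane.doe@examp1e-corp.com>
Reply-To: jane.doe.cfo@freemail.example
To: accounts@example-corp.com
Subject: Urgent wire transfer needed today
Authentication-Results: mx.example-corp.com; spf=fail smtp.mailfrom=examp1e-corp.com; dkim=none
Date: Mon, 06 Feb 2023 09:15:00 +0000

Hi, please send $48,500 to our new supplier account before noon. I'm in a meeting, so reply by email only.
"""

# Constructed sample: a routine message from the real domain that passes both checks.
LEGITIMATE_MESSAGE = """\
From: "Jane Doe" <jane.doe@example-corp.com>
To: accounts@example-corp.com
Subject: Lunch on Friday?
Authentication-Results: mx.example-corp.com; spf=pass smtp.mailfrom=example-corp.com; dkim=pass header.d=example-corp.com
Date: Mon, 06 Feb 2023 10:02:00 +0000

Are you free around 12:30?
"""


def domain_of(header_value):
    """Return the lower-cased domain part of an address header, or '' if absent."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()


def edit_distance(a, b):
    """Plain Levenshtein distance, used to spot near-miss domains."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def is_lookalike(domain, trusted):
    """True for a domain one or two edits away from the trusted one but not equal to it."""
    return domain != trusted and 0 < edit_distance(domain, trusted) <= 2


def parse_auth_results(header_value):
    """Pull the spf= and dkim= verdicts out of an Authentication-Results header."""
    results = {}
    for mech, verdict in re.findall(r"\b(spf|dkim)=(\w+)", header_value or "", re.I):
        results[mech.lower()] = verdict.lower()
    return results


def screen_message(raw):
    """Return the list of red flags raised by a raw RFC 5322 message (empty if none)."""
    msg = message_from_string(raw)
    flags = []
    from_domain = domain_of(msg.get("From"))
    reply_domain = domain_of(msg.get("Reply-To"))
    if reply_domain and reply_domain != from_domain:
        flags.append("reply-to-mismatch")
    if is_lookalike(from_domain, TRUSTED_DOMAIN):
        flags.append("lookalike-domain")
    auth = parse_auth_results(msg.get("Authentication-Results"))
    if auth.get("spf") != "pass":
        flags.append("spf-not-pass")
    if auth.get("dkim") != "pass":
        flags.append("dkim-not-pass")
    text = (msg.get("Subject", "") + " " + msg.get_payload()).lower()
    if any(word in text for word in PAYMENT_WORDS):
        flags.append("payment-request-language")
    return flags


if __name__ == "__main__":
    for label, raw in (("suspicious", SUSPICIOUS_MESSAGE), ("legitimate", LEGITIMATE_MESSAGE)):
        print(label, screen_message(raw))
```

Each flag is a reason to route the message for the out-of-band confirmation the article recommends, not a verdict on its own; an SPF or DKIM failure on an otherwise ordinary message is common enough that the payment-language and lookalike checks carry most of the weight.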

To view other PMMI CyberHealth content, visit pmmi.org/cyberhealth. Got a more specific question? Email [email protected]. Be sure to also opt in to the CyberHealth e-newsletter to get cybersecurity updates straight to your inbox.