Business Email Compromise (BEC)

Business Email Compromise (BEC)

Business Email Compromise (BEC) scams involve targeted phishing and hacking of businesses, usually by gaining remote access to an email account.

How does it work?

Scammers intercept legitimate invoices and change the payment details before sending them onto customers and clients, tricking them into thinking they’ve paid the business when in reality they have unknowingly transferred funds to the scammers’ bank account.

Warning signs

The biggest warning sign is receiving an unexpected request to change or update payment details from one of your regular suppliers or a business you’re engaging with.

How to protect yourself or your business

To avoid being impersonated by a scammer, we recommend:

  • Securing your email, accounting and other systems with two factor authentication.
  • Frequently reminding your customers about the invoice payment process.
  • Setting up a PayID using your ABN or a business email address and including these details on your invoices.
  • Always checking that goods or services were actually ordered and delivered before paying an invoice.
  • Treating any notification to change bank account details as suspicious, and calling the business to confirm over the phone if you’re unsure.
  • Looking carefully at every invoice and compare it to previous ones received.
  • Keeping an eye out for spelling and grammatical errors when reviewing the invoice.
  • Checking to see if the email address has been slightly altered.
  • Using a business’s PayID if you can, and making sure it’s linked to the correct PayID holder.

What to do if you think you’ve been scammed

  • If you have made a payment to a scammer, or think you have provided your account details to a scammer, contact your bank or financial institution immediately. They may be able to stop the payment for you.
  • Report your experience to cyber.gov.au. This helps us and other government agencies warn people about current scams, monitor trends and disrupt scams where possible.
  • Change your passwords immediately if you suspect your security has been compromised.
  • Visit Scamwatch for more information on current scams and what you can do to protect yourself.