Business Email Compromise Scams Are Difficult To Spot

An extra “s” cost a Florida municipality $700K

It is worth the reminder that criminals work very hard to make scams difficult to spot. One Florida city was scammed out of a large sum of money in a very legitimate-looking scam. As reported by Naked Security, the city was involved in a construction project with a very real local contractor. The city received an email message saying that the company had changed its banking information. The message “included the proper form to change the routing and account number, plus a copy of a voided check from the account.” However, the email came from @ausleyconstructions.com. The company’s real email domain differs by one thing, the extra “s”: @ausleyconstruction.com

Business Email Compromise (BEC) scams can be difficult to spot. The scam mentioned above, known as spear phishing, was caught when the real construction company submitted a sizable invoice after the city had paid the bogus one. Municipalities across the country are falling victim to similar spear phishing campaigns. Many of these scams involve legitimate email accounts that have been compromised. It is truly difficult to tell whether an email address has been spoofed or hacked. So how can any company or government protect itself from these types of sophisticated scams?

Protect your organization from scammers

Short of hiring a specialist to review an organization’s handling of billing requests and payments, employees must take an active role in preventing this type of costly scam.


Don’t Trust Email & Question Requests – If you receive a request from your (or a vendor’s) CEO that seems fishy, either ask them to verify the request in person or pick up the phone and call to ask them to verify the request. Don’t trust any phone number found in a questionable email, though. Use a phone number you already know and trust, or look it up on the company’s website.

Pay Attention – It is difficult for anyone to spot an email address that is just one letter off. It is even more difficult to tell whether an address is spoofed or hacked. But the email address is not the only place to find a scammer’s mistake. Check for spelling, grammar, and punctuation errors within the email itself.

Report Fraud – Law enforcement relies on average people to report crimes and fraud. Therefore, it is incredibly important for you to report fraudulent behavior as soon as possible.
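Because a one-letter difference is hard for a person to see, the comparison can be handed to a script. The sketch below is an added example, not part of the original article: it assumes the organization keeps a list of domains for vendors it already pays (`KNOWN_VENDOR_DOMAINS`, a hypothetical name) and flags a sender whose domain is within two character edits of one of them. An exact match proves only the domain, so a compromised vendor mailbox still needs the phone call described above.

```python
from email.utils import parseaddr

# Assumption: domains of vendors the organization already pays.
KNOWN_VENDOR_DOMAINS = {"ausleyconstruction.com"}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: minimum insertions, deletions, substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # delete ca
                           cur[j - 1] + 1,             # insert cb
                           prev[j - 1] + (ca != cb)))  # substitute
        prev = cur
    return prev[-1]


def classify_sender(from_header, known=KNOWN_VENDOR_DOMAINS, max_dist=2):
    """Return (verdict, matched_domain) for a From header on a payment request."""
    _, addr = parseaddr(from_header)
    if "@" not in addr:
        return ("unparseable", None)
    domain = addr.rpartition("@")[2].lower().rstrip(".")
    if domain in known:
        # Exact match: the domain is right, but the mailbox may still be hacked.
        return ("known-domain", domain)
    for good in sorted(known):
        if edit_distance(domain, good) <= max_dist:
            return ("lookalike", good)  # near miss: hold payment, call the vendor
    return ("unknown", None)


if __name__ == "__main__":
    # Constructed sample headers; only the two domains come from the article.
    samples = [
        "Accounts <billing@ausleyconstructions.com>",
        "Accounts <billing@ausleyconstruction.com>",
        "Accounts <billing@AusleyConstructi0n.com>",
        "Newsletter <news@example.org>",
    ]
    for header in samples:
        print(f"{header:45} -> {classify_sender(header)}")
```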
