If you think your business is affected by BEC, we recommend that you act immediately by following our guidelines below, and then proceed to our ReportRecover and Reinforce sections for further assistance.

Some Immediate Action Steps to Take

  • If funds were transferred, contact your business’s financial institution immediately upon discovering the fraudulent transfer.
    • Request that your financial institution contacts the corresponding financial institution where the fraudulent transfer was sent.
  • Alert all employees that an email address has been compromised within the organization.
  • Contact your local Federal Bureau of Investigation (FBI) office if the wire is recent. The FBI, working with the United States Department of Treasury Financial Crimes Enforcement Network, might be able to assist.
  • Change and create a new strong password for your account. Learn how from ConnectSafely.org.
  • Always enable a two-step/factor verification – which requires an additional code to log in.
  • Contact your business’s email service provider to report the incident:

Report

Reporting cybercrime incidents to the FBI Internet Crime Complaint Center (IC3) is very important! The more national reporting data that is collected, the better the chance law enforcement has to catch the criminals and decrease online crime. Although the FBI does not resolve individual complaints directly, they will make your report available to local, state and other law enforcement partners. The FAQs about reporting can be found here. Please read the FBI/IC3 privacy policy here. (If you believe that you’ve received a phishing email, please forward the email directly to spam@uce.gov and
reportphishing@apwg.org.)

Recover

These resources have been gathered, selected and vetted to help simplify the process of recovering after a cybercrime incident has taken place. You may need to contact organizations outside FraudSupport.org. Results will vary depending on your circumstances.

Reinforce

Once you have notified the appropriate organizations and you are on the road to recovery, it is time to reinforce your cybersecurity using these resources and tools.

Implement Preventive Measures

  • Train your staff to recognize BEC scam emails and create policies for identifying and reporting BEC and phishing email scams.
  • Establish procedures that require approval from a manager or financial officer to spend or send money.
  • Take time to verify all financial requests, especially urgent ones.
  • Speak to the person requesting money on the phone or in-person before proceeding with any transfers. If contacting them by phone, use previously known phone numbers, not the number provided in the email.
  • Create email rules that flag emails with extensions that are similar to company email or where the “reply” email address is different from the “from” email address is shown.