Transcript: Business email compromise

CIBC Commercial Banking Business Email Compromise

[This video uses animation to convey spoken content.]

[Music plays]

[The CIBC logo appears.]

[Cyber fraud prevention: Business email compromise]

[A laptop computer is open on a desk. An email notification appears on the computer.]

>>Narrator: You’re at work and you receive an urgent email from your President and CEO.

[The email is opened and reads: “This invoice is due tomorrow and I am in an important meeting right now. Could you please wire the money immediately?”]

They say there’s a critical business need, and they need you to send a wire transfer. Be careful, you may have been targeted by business email fraud.

[What is a business email compromise scam?]

More and more business is conducted online every day, and that puts companies at increased risk for online fraud. Business email compromise scams are a common way that criminals attempt to steal money.

[A computer shows an online banking account balance decreasing.]

And they can be difficult to spot. Typically, a fraudster gains control of a legitimate business email account or creates a very convincing fake email account.

Then, they use that account to impersonate someone you know and trust, such as a supervisor, fellow employee, or a vendor, in order to trick you into sending them money.

Business email compromise scams can also appear to come from a vendor, requesting you to update bank information for payment or fake invoices.

[Recognize fraud]

Not all scams are easy to spot. Protect yourself by looking out for the following signs:

Urgent requests that ask you to avoid your usual procedures or hide your activity.
An email from high-level executives making unusual requests or asking for secret payments.
A message sent from a personal email account instead of a business account.
Incorrect grammar or spelling errors.
And phrasing that doesn’t match the sender’s usual writing style.

[Protect yourself]

You can protect yourself and your business by remembering these 5 simple rules:

[Verify]

Whenever you receive an email requesting changes to payment information, always verify by making an outbound call to a trusted number you have on file. 

[Don’t engage]

If you receive a suspicious email, don’t respond, don’t click any links, and don’t open any file attachments.

[Protect your accounts]

Regularly update your passwords and never use the same password across multiple accounts. Enable two-step or multi-factor login authentication. Turn on email spam filters.

[Update your software]

Use current anti-malware software. And make sure to keep your device and system software updated.

Cybercrime is on the rise, but you can protect yourself, and your business.

[To learn more about fraud, visit: us.cibc.com/FraudPrevention.]

[Legal disclaimer: The CIBC logo is a trademark of CIBC.]