Fraud Alert: Business Email Compromise (BEC)

Fraud comes in many forms and continues to be a significant problem faced by businesses of all types and sizes. It is vital for all businesses to have fraud prevention plans in place and that’s why from time to time Sunflower Bank will be delivering important fraud prevention alerts so you are kept well-informed of current trends your business should be aware of.


For several years, small and large businesses worldwide have been victimized by a fraud scheme which has gained significant notoriety. This particular scheme, known as the Business Email Compromise scheme, results in large losses to the victim businesses but is very easily prevented. According to the FBI , between October 2013 and August 2015 at least 7,066 U.S. businesses were victimized by this type of scheme with a total loss to those businesses of $748 Million.


The Business Email Compromise (BEC) scheme involves the use of fraudulent emails sent from a company’s executive to an employee responsible for wires, which requests that the employee send a large wire transfer. The employees in question generally send the wire transfer without asking further questions and by the time the business realizes it has been scammed it is too late to recover the funds from the recipient of the wire.


BEC scheme emails are typically sent from a high ranking executive in a company to a lower level accounting employee. These emails are generally sent via hacking of the business’ internal email service or by sending the email from an email address that is very similar. For example, the email might come from instead of The emails typically express urgency in sending the wire and at times request that the employee maintain confidentiality from other employees. The fraudsters sometimes even go as far as to read emails from the executive and write the email similar to the way the executive normally writes emails. The emails might also appear near the end of the business day or may be near the cutoff for international financial transactions. Variations of the scheme have also incorporated a third party who calls the victim and claims they are an attorney for the victim, etc.


According to the FBI , businesses have reported using the following new measures for added protection:

  • Create intrusion detection system rules that flag e-mails with extensions that are similar to company e-mail. For example, legitimate e-mail of would flag fraudulent e-mail of
  • Register all company domains that are slightly different than the actual company domain.
  • Verify changes in vendor payment location by adding additional two-factor authentication such as having a secondary sign- off by company personnel.
  • Confirm requests for transfers of funds. When using phone verification as part of the two-factor authentication, use previously known numbers, not the numbers provided in the e-mail request.
  • Know the habits of your customers, including the details of, reasons behind, and amount of payments.
  • Carefully scrutinize all e-mail requests for transfer of funds to determine if the requests are out of the ordinary.


Victims of BEC schemes or those with an interest in learning more about BEC schemes may visit the FBI Internet Complaint Center (IC3) at or contact your local FBI Field Office. As always, if you observe BEC scheme activity on your Sunflower Bank accounts, please report the incident to bank personnel as soon as possible. As always, please contact your Sunflower Bank Treasury Management partner for additional information regarding wire best practices or to review your current wire agreements and protocol.

1-2 FBI Public Service Announcement # I-082715a-PSA

< Back