How to prevent business email compromise

11 June 2020

Cyber criminals are using increasingly sophisticated methods to exploit both users and organisations in order to obtain sensitive information and money.

To support safer use of technology, Information Technology Services (ITS) will report each month on important cyber security issues. This month, we’re talking about business email compromise – what it looks like, and how you can avoid it.

Business email compromise (also known as invoice, CEO or wire transfer fraud) occurs when an employee receives an email from a senior staff member requesting important documents or payment on an invoice. Typically these emails are just one or two sentences long, state they are sent from a smart phone, and have a sense of urgency.

While standard security defences can block malicious attachments or blacklisted websites, these imposter emails rely on social engineering, and as such can appear harmless to email security.

The best way to prevent a compromise is to look out for the following warning signs:

  • An unexpected email.
  • An urgent request for payment or intellectual property.
  • The sender is a person of authority you don’t usually work with.
  • The contact name is correct, but the email address does not match.
  • The supplier has new bank details.

If you doubt the authenticity of an email of this nature, please contact UQ’s Cyber Security Operations Centre (CSOC) or your supervisor.

Effective prevention also involves developing validation processes for all requests for payment and sensitive information, and creating a workplace culture that encourages employees to verify these emails with their managers.

If you feel you have been affected by a business email compromise, please contact IT Support immediately. Remember, cyber security is everyone’s responsibility.