Business Email Compromise is the Most Common Type of Payments Fraud

Successful Business Email Compromise fraud attacks can not only negatively impact a company’s reputation, but the potential financial loss can be detrimental.


Many people nowadays are working remotely, which means there is more business being done electronically. While processes, systems, communication and overall operations may have changed, an unfortunate consistency for your payables department is payments fraud. Understanding its prevalence and acting upon its threat is now more important than ever. The Association for Financial Professionals (AFP) recently released their 2020 Payments Fraud and Control Survey Report, and it shows Business Email Compromise (BEC) is the most common way businesses become victims of fraud.

BEC occurs when someone falsifies a legitimate email address to authorize the transfer of funds to accounts managed by criminals. The scammers target businesses of all sizes, and companies impacted by BEC have increased significantly – from 64% in 2015, to 75% in 2019 – proving the need for a solid payments strategy is critical.

Understanding How BEC Works

When it comes to Business Email Compromise, criminals are doing their research. They not only find information on a company, they target the details of payments being made — often including payment type, amount and frequency. Once information is collected, a falsified email address is used to send an email communication with what seems like a legitimate request from a trusted vendor or member of a company’s executive team. The individual at the company authorizes and releases the payment, potentially resulting in a financial loss. The most common sources of BEC are:

Payment Method Targets of BEC

As reported by survey respondents, understanding common payment targets is essential:


While Wire Transfers are the most susceptible to BEC, the ACH Credits method is not far behind it, and even saw a 4% increase from the previous year. This indicates scammers have adapted and are becoming more innovative. In doing so, companies are more exposed to a significant number of risks, and things like malware and spyware further infiltrate an organization’s internal systems.

Most Susceptible Departments

While it makes sense that the Accounts Payable department would be targeted most frequently, it may also be surprising to know that other departments are also frequently targeted:

How to Protect Your Business

To help protect against BEC, companies are implementing more secure procedures, and are better utilizing available tools and resources. Respondents shared the following top five methods being implemented to limit their exposure:

A successful BEC attack can significantly impact a company’s finances, but other threats such as loss of confidential information belonging to the company, their vendors and/or their customers can be just as damaging. The backlash from that alone can ruin a company’s reputation.

To help protect against payments fraud, regardless of type, businesses identified key solutions:

Employing fraud mitigation products and services such as Check and ACH Positive Pay, Commercial and/or Virtual Cards, account blocks, and more, can validate payments and stop fraudulent transactions. Doing so will only help your business keep moving forward, especially during a time of so much uncertainty.



Our Commercial Banking Team is ready to help your business grow.

Find a Banker


Or let us contact you.