Project Description

Woman on phone looking worried

BEC attacks rise as criminals seek to cash in on COVID-19 crisis

Fraudsters are always looking to take advantage of business disruption. The shift to a remote workforce due to the coronavirus health crisis creates an environment ripe for Business Email Compromise (BEC) scams, also called impostor fraud.

BEC attacks were already on the rise in 2019, with 61% of treasury and finance professionals reporting an attempted or successful payments fraud incident.1 There was a 100% increase in U.S. dollars exposed globally (actual and attempted losses) between May 2018 and June 2019, with all 50 states and 177 countries reporting BEC attacks.2 Amid the COVID-19 pandemic, cyber criminals are intensifying their assault on businesses and organizations.

In a BEC scheme, a criminal impersonates someone you know and trust such as a vendor, executive, or the IRS. The impostor contacts you by phone, email, fax, or mail and submits an invoice or requests a payment or a change to vendor payment instructions. The goal is to trick you into sending the criminal funds.

Reported BEC attacks that exploit the coronavirus epidemic include:

  • An impostor posing as a company CEO emailed a request for a bank account change and an earlier payment date for previously scheduled funds “due to the Coronavirus outbreak and quarantine processes and precautions.” The fake email address nearly matched the CEO’s real email address with only one letter altered.3
  • A request to change all invoice payments to a new bank, claiming that the regular bank accounts were inaccessible due to “Corona Virus audits.”4
  • Fraudsters claiming to sell personal protective equipment (PPE), medical equipment including ventilators, and other equipment and supplies that have shortages.5

Remote workers are optimal targets for BEC fraud

Prior to the pandemic, 80% of companies had reported actively training employees on how to detect fraudulent emails to better control BEC incidents. However, despite greater employee awareness, 75% still experienced BEC attacks.6 In the current environment, workers face stress and distraction at home that can counteract previous training and employee awareness around fraud.

If employees access work through their personal devices and home internet connections in unsupervised work environments, they are even more vulnerable to BEC attack.

Take security measures to help protect your payments

  • Check for red flags such as: a high degree of urgency, a request to keep a payment confidential, subtle changes in an organization’s name in the email address, information (beneficiary name, mailing address, account number) that does not match the details on file, the use of a public email domain like Gmail instead of an organization’s email domain, a mismatch between a requested payment amount and the amount in the invoice or payment request.
  • Verbally verify all payment requests and requests to change payment instructions such as account and routing transit numbers, payment type, amount, financial institution, mailing address, and other key details. This includes when onboarding a new vendor and when an existing vendor requests to switch a payment from paper to electronic.
  • Use a different communication channel to verify requests than the one used by the requestor.
  • Always use the contact information you have on file to verify requests. If you’re making a large payment, use multiple communication methods to double and triple check the validity of payment and payment change requests. Make sure that employees working remotely have access to vendor contact details.
  • Use dual custody as it is intended to be used. Do not rubber stamp approvals.

Impostor fraud is difficult to detect because transactions are consistent with regular payments and made by authorized personnel. Make sure to monitor account activity and reconcile accounts daily.  This increases the chance of detecting anything out of the ordinary, as wells as catching and stopping a fraudulent payment in advance.

Stay vigilant to the rising threat of BEC during the coronavirus outbreak.

1“BEC Scams Poised to Surge in Coronavirus Crisis”, by Andrew Deichler,, April 14, 2020.
2 2020 AFP® Payments Fraud and Control Survey Report
3“FBI Anticipates Rise in Business Email Compromise Schemes Related to the COVID-19 Pandemic”, April 6, 2020 (Source:
4 “FBI Anticipates Rise in Business Email Compromise Schemes Related to the COVID-19 Pandemic”, April 6, 2020 (Source:
5 “FBI Warns of Advance Fee and BEC Schemes Related to Procurement of PPE and Other Supplies During COVID-19 Pandemic”, April 13, 2020 (Source:
6 2020 AFP® Payments Fraud and Control Survey Report

For more information, contact your Wells Fargo treasury management representative or fill out the Contact Us form on this site.