Ask the Expert | Winter 2020

Help protect your business from email compromise

Man and woman pointing

Business Email Compromise is a sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The perpetrators monitor business executives’ or employees’ email accounts and then initiate fraudulent emails that appear to be from those executives and employees requesting wire transfers in attempt to steal money. The fraudulent wire transfer payments are sent to foreign and domestic banks and may be transferred several times but are usually quickly dispersed.

To help protect you and your business from becoming victims:
  1. Avoid Free Web-Based Email: Establish a company website domain and use it to establish company email accounts in lieu of free, web-based accounts.
  2. Be careful what is posted to social media and company websites, especially job duties/descriptions and hierarchical information.
  3. Be suspicious of requests for secrecy or pressure to take action quickly.
  4. Consider additional IT and Financial security procedures and two-step verification processes. For example:
  •  Out of Band Communication: Establish other communication channels, such as telephone calls, to verify significant transactions.
  •  Digital Signatures: Both entities on either side of transactions should use digital signatures when whenever possible.
  •  Delete Spam: Immediately delete unsolicited email (spam) from unknown parties. Do NOT open spam email or click on links in the email.
  •  Forward vs. Reply: Reply by forwarding your email instead of using the “reply” option and either type in the correct email address or select it from the email address book.
  •  Significant Changes: Beware of sudden changes in business practices. For example, if a current business contact suddenly asks to be contacted via a personal email address when previous official correspondence has been on a company email, the request could be fraudulent. Always verify via other channels that you are still communicating with your legitimate business partner.

Protect your business

Protect your business and then Huntington's Business Online banking platform offers multiple fraud mitigation resources to help you protect your accounts against both paper and electronic fraud.
Learn more

The information provided is intended solely for general informational purposes and is provided with the understanding that neither Huntington, its affiliates nor any other party is engaging in rendering tax, financial, legal, technical or other professional advice or services. Any use of this information should be done only in consultation with a qualified and licensed professional who can take into account all relevant factors and desired outcomes in the context of the facts surrounding your particular circumstances. The information in this document was developed with reasonable care and attention. However, it is possible that some of the information is incomplete, incorrect, or inapplicable to particular circumstances or conditions. NEITHER HUNTINGTON NOR ITS AFFILIATES SHALL HAVE LIABILITY FOR ANY DAMAGES, LOSSES, COSTS OR EXPENSES (DIRECT, CONSEQUENTIAL, SPECIAL, INDIRECT OR OTHERWISE) RESULTING FROM USING, RELYING ON OR ACTING UPON INFORMATION IN THIS DOCUMENT EVEN IF HUNTINGTON AND/OR ITS AFFILIATES HAVE BEEN ADVISED OF OR FORESEEN THE POSSIBILITY OF SUCH DAMAGES, LOSSES, COSTS OR EXPENSES.