Businesses in Henderson, KY are facing a growing threat from online fraud and Business Email Compromise.

​Business Email Compromise (BEC) happens when criminals intercept or spoof emails, often from vendors or executives. The goal is to trick accounts payable staff into sending payments to fraudulent accounts, usually by changing bank details or sending fake invoices, exploiting trust and urgency through sophisticated techniques like domain spoofing and email thread hijacking. These attackers monitor conversations to time their move, altering payment instructions to divert funds via wire or ACH transfers to their own accounts, causing major financial losses.
 
How It Works

1. Compromise: Attackers first gain access to a legitimate email account (e.g., a vendor's or executive's) through phishing or other methods.
2. Monitoring: They silently monitor the compromised inbox to learn the company's payment processes, trusted contacts, and typical transaction amounts.
3. Interception: When a payment is due, the fraudster inserts themselves into the email thread, impersonating the legitimate sender.
4. Manipulation: They send a fake invoice or a request to change banking details (often a slight domain variation, like adding an "i" for an "l"), directing payment to the fraudster's account.
5. Urgency: The request often includes urgency (e.g., "avoid late fees") to pressure employees into acting quickly without verifying. 

 
Common Tactics

• Vendor Email Compromise (VEC): Spoofing or taking over a vendor's email to request payment changes.
• CEO Fraud/Executive Impersonation: Posing as a senior leader to demand urgent payments.
• Domain Spoofing: Creating fake domains that look very similar to real ones (e.g., company.com vs. cornpany.com). 

 
Warning Signs to Watch For

• Sudden changes in wire instructions, especially close to payment deadlines
• Emails with subtle domain misspellings (e.g., @teamavalon.com vs. @t3amavalon.com)
• Unusual tone or urgency from known contacts
• Requests to bypass standard verification procedures
• Lack of phone confirmation from high-value transfers

 
Protection Measures

• Verify Changes: Always verbally verify any changes to bank details or payment instructions with a trusted contact via phone.
• Strong Protocols: Implement multi-step approval processes for payments and bank detail changes.
• Email Security: Use advanced email security to detect phishing and suspicious attachments/links.
• Employee Training: Educate staff to spot red flags, like urgent requests or subtle email address changes. 

 
If your business or organization handles wire transfers, especially in sectors like legal, real estate, construction, or finance, you are a prime target.  Review your wire transfer protocols today.  Ensure that every change in payment instructions is verified independently – not just by replying to the email.
 
HMP&L Fiber is your community owned fiber internet and phone provider and our staff is here to assist you and provide guidance if you suspect business email compromise or have questions.
 

---