Business Email Compromise

Business Email Compromise (BEC) is a criminal act in which criminals illegally access the victim’s email account and communicate as if they are the “user”. This sophisticated scam targets both businesses and individuals.

How it happens and red flags to look out for

  • Fraudsters gain unauthorised access to an email account and impersonate the user (for example a senior executive in an organisation, a supplier or an attorney) in order to trick the recipient into making payments or changing bank details to the fraudster’s account, and at times into providing sensitive information.
  • Be cautious of requests from an unknown ‘contact’ or point of contact at the organisation.
  • Look out for spoofed email addresses that are made to look like that of the organisation, for example @absa.africa.com instead of @absa.africa.
  • Be cautious of emails that carry a sense of urgency and request personal information and/or sensitive company information.

How to respond and protect yourself or your organisation

  • Always confirm any emailed request or instruction to change banking details by contacting the sender using the known contact details you have on record. Do not reply to the email or use the contact details included in the email.
  • Verify the bank account details using the Account Verification Service (AVS) available to you, before making any payments.
  • Always examine the email address and header information to ensure that an email is from a legitimate contact.
  • Organisations should implement email security tools to detect spoofed emails and phishing emails.
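
The address and header checks described in the red flags and response steps above can be partly automated. The Python sketch below is an added example, not code from the original page: it flags a From domain that embeds or nearly matches a trusted domain (the @absa.africa.com case) and a Reply-To that points elsewhere. The trusted-domain set, function names and sample message are constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

# Assumption: the domains you hold on record for this contact.
TRUSTED_DOMAINS = {"absa.africa"}
# Constructed sample message; the From domain is the page's lookalike example.
SAMPLE = """\
From: "Accounts Payable" <payments@absa.africa.com>
Reply-To: payments@example.net
Subject: Urgent: updated banking details

Please use the new account for today's payment.
"""

def domain_of(header_value):
    """Lower-cased domain of an address header, or '' if none is present."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower().rstrip(".") if "@" in addr else ""

def within_one_edit(a, b):
    """True if a and b differ by one inserted, deleted or changed character."""
    if a == b or abs(len(a) - len(b)) > 1:
        return False
    a, b = sorted((a, b), key=len)  # a is now the shorter (or equal) string
    i = 0
    while i < len(a) and a[i] == b[i]:
        i += 1
    return a[i + (len(a) == len(b)):] == b[i + 1:]

def classify_domain(domain, trusted=TRUSTED_DOMAINS):
    """'trusted', 'lookalike' (trusted name as a prefix, or one edit away) or 'unknown'."""
    if any(domain == t or domain.endswith("." + t) for t in trusted):
        return "trusted"
    if any(domain.startswith(t + ".") or within_one_edit(domain, t) for t in trusted):
        return "lookalike"
    return "unknown"

def review_headers(raw_message, trusted=TRUSTED_DOMAINS):
    """Return the red flags found in the From and Reply-To headers."""
    msg = message_from_string(raw_message)
    from_dom, reply_dom = domain_of(msg.get("From")), domain_of(msg.get("Reply-To"))
    flags = []
    verdict = classify_domain(from_dom, trusted)
    if verdict != "trusted":
        flags.append(f"From domain {from_dom!r} is {verdict}")
    if reply_dom and reply_dom != from_dom:
        flags.append(f"Reply-To domain {reply_dom!r} differs from From domain")
    return flags
```

A message sent from a genuinely compromised mailbox passes both checks, so the call-back on known contact details is still required before any change of banking details.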

Reporting options
