Business Email Compromise (BEC) is a type of payment fraud that involves compromise of legitimate business e-mail or creating look-alike domain name accounts for the purpose of conducting an unauthorized funds transfer.

Fictitious funds transfer requests from suppliers or business partners:

  • ​​A fraudster compromises the email of an employee of the target company. ​
  • The fraudster monitors emails of the business user looking for supplier invoices. 
  • The fraudster finds a legitimate invoice and modifies the beneficiary information, such as changing the IBAN / account number to which payment is to be sent. 
  • The fraudster disguises the vendor’s email to submit the modified invoice. It doesn’t require compromising the supplier’s email system, but instead sends the invoice from an email address that is so close to the domain of the vendor that most people would miss the change, for example, instead of or into or
  • When the company receives payment request and fake invoices through emails, they recognize the supplier’s name and services provided, they process the invoice and submit a funds transfer request to their for payment. 

Fictitious funds transfer requests from Executive Staff:

It may also involve a fraudster compromising the email account of an Executive (CEO, CFO, etc.) and send a funds transfer request from the compromised email ID to the accounts department staff.

How to minimize your chances of being a victim:

  • Increase awareness amongst your Finance/ Account Departments staff.
  • Look for the validity of email IDs (spelling & disguised IDs) of the sender requesting the funds transfer.
  • Always enquire on funds transfer requests to any new beneficiary account information.
  • Look for change in payment request pattern (out of cycle, currency, high value) for the known suppliers.
  • Get a telephonic confirmation from the sender of the email who could be your suppliers or company executives, before instructing your bank to transfer the funds.
  • Protect your company domain or servers by enhancing the security infrastructure.
If you notice any unusual/ suspicious transaction on your account, please contact ADIB immediately on our 24/7 Call Center at Fraud Hotline: +971 26100116