Business Email Compromise Scam
What is a Business Email Compromise scam?
A business email compromise scam, commonly known as a BEC or a payment redirection scam, is when a recipient receives a legitimate-looking email requesting a payment to new or updated account details.
This type of scam can impact everyone, not just businesses.
Emails could appear to come from a supplier or from someone known to you within a business. They may be a request for an urgent payment or payment of an invoice, including deposits to real estate agents or conveyancers, or even requests made to your HR department to redirect your salary.
Scammers will usually contact you via an email account that has been compromised. The compromised email account could belong to the sender or even be your own. The email could also appear to come from a similar-looking address or one that’s made to look like your email. A conversation may even be initiated by SMS.
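One way a mail administrator could flag the similar-looking sender addresses described above is to compare each sender domain with the domains the business already deals with. The Python below is an added example, not Westpac's code; the domain list, the look-alike character pairs and the distance threshold are constructed assumptions.

```python
import unicodedata
from email.utils import parseaddr

# Constructed allow-list (assumption): domains the business already trades with.
KNOWN_DOMAINS = {"summit-freight.example", "harbour-supplies.example"}

# Character sequences often swapped for look-alikes (assumed, not exhaustive).
CONFUSABLES = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"))

def skeleton(domain):
    """Fold a domain for comparison: lowercase, strip accents, merge look-alikes."""
    text = unicodedata.normalize("NFKD", domain.lower())
    text = "".join(ch for ch in text if not unicodedata.combining(ch))
    for fake, real in CONFUSABLES:
        text = text.replace(fake, real)
    return text

def edit_distance(a, b):
    """Levenshtein distance, keeping only the previous row in memory."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_sender(from_header, known=KNOWN_DOMAINS, max_distance=2):
    """Return (verdict, matched_domain) for the address in a From: header."""
    _, address = parseaddr(from_header)
    _, at, domain = address.rpartition("@")
    domain = domain.lower()
    if not at or not domain:
        return ("unparseable", None)
    if domain in known:
        return ("known", domain)
    for good in sorted(known):
        near = edit_distance(domain, good) <= max_distance
        if near or skeleton(domain) == skeleton(good):
            return ("lookalike", good)  # close to, but not, a trusted domain
    return ("unknown", None)

if __name__ == "__main__":
    # Constructed sample headers, not real traffic.
    for header in ("Simon <simon@summit-freight.example>",
                   "Simon <simon@surnmit-freight.example>",
                   "Accounts <accounts@harbour-suppliers.example>"):
        print(header, "->", classify_sender(header))
```

A `known` verdict only means the domain matches exactly; because the genuine account may itself be compromised, a payment or account change request still needs verbal confirmation.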
Examples of scams*
- Employee salary account change example
- Supplier account change example
- Executive impersonation example
Priya in human resources received an email from Simon, saying he was having technical difficulties with the HR system and asking if she could change his bank account details.
After the next pay day, Simon called HR and complained about not being paid. HR advised Simon his pay had gone to his new account, per his recent email request. Simon advised he had not changed accounts and had not sent an email to do so.
Further investigations determined HR had received an email from an email address that appeared the same as Simon's and they had processed the change without verbally confirming the request.
Signs this may be a scam
- An email/invoice requesting you pay to a new account number.
  Even if such requests came from someone associated with you, do not make any changes until you've verbally verified the request, using a number you sourced yourself.
- A CEO, executive or senior manager requests an urgent payment, or payment to a specific account.
  Pause and verify. Always verbally confirm any requests for urgent payments or account changes, received via email, regardless of who the sender is.
- A supplier or employee advises you they have not received payment.
  Do not make any more payments until you investigate the payment history and emails, to check if there were any requests made to amend account details.
Tips to minimise the risk of being scammed
- Always verbally confirm any requests for urgent or redirected payments.
- Register your business for PayID by using your ABN and request that your account is credited this way.
- Request to pay your suppliers using a PayID. PayID displays the registered payee name, so if it's not your intended recipient you will know something is possibly suspicious.
- Use multifactor authentication and dual payment approvals where available.
- Train your employees regularly on how to spot scams. Empower them to question any payment-related requests and verbally verify that account details are correct, by setting this as a process to follow.
What you can do if you come across a scam
Let us know
- Please report scams or suspicious activity immediately to Westpac at 132 032 or +61 2 9155 7700 (if calling from overseas).
- Forward suspicious emails to firstname.lastname@example.org or SMS/text messages to 0497 132 032 then delete the email or message.
- You can also report all suspicious activity to the Australian Cyber Security Centre at cyber.gov.au/report.
Get support and stay in the know
- IDCARE provides free, confidential support and guidance to those impacted by fraud, scams, identity theft or compromise. Call them toll-free on 1800 595 160 or visit idcare.org.
- Keep up to date on scams by subscribing to the government's scam email alerts from scamwatch.gov.au/subscribe.
- Check out our latest scams page for copies of recently reported scams at westpac.com.au/scams.
Set up PayID to prevent Business Email Compromise Scams
Watch our helpful step-by-step video
As a business you need to constantly be on the lookout for scams.
The Business Email Compromise scam is one of the most common types.
It’s when criminals impersonate you or someone from your business or one of your suppliers using similar names, domains, or fake invoices.
The scammer might:
- Pretend to be you, invoice a customer or a supplier, and have a payment made to their account details rather than yours, or
- Pretend to be a CEO or employee from another company to get a payment from you, or
- Pretend to be an employee and have a salary payment redirected.
There’s a quick and easy way to make payments safer: Register for a PayID using your ABN. So, if a customer or supplier uses your PayID they’ll be able to verify it’s your business. PayID doesn’t replace your BSB and account number; it’s just a safer way to pay because your customers will be sure they are paying you and only you.
To set up PayID, head to the Westpac app.
Search for PayID.
More information about how to create a PayID will appear on screen. Make sure you’re registered for Westpac Protect™ SMS Code or SecureID token and have an eligible account.
Your ABN and name will appear based on what we have on record.
You can select your ABN as your PayID type. This will mean that your PayID display name (or what will be returned to the customer) will be the legal name of your business, rather than its trading name.
Select the account you wish to add PayID to. As a sole trader you can register up to two different PayIDs if you have two different business accounts and want one for each.
Then check the details and confirm you want to create a PayID.
PayID is now set up for your business!
Ask your existing customers or suppliers to use your PayID wherever possible.
And when paying someone new, protect yourself by asking them for their PayID (or BPay billing code).
For other ways to stay smart, safe, and secure from scammers visit the Westpac Security Hub.
Website link appears on screen - www.westpac.com.au/security
Things you should know
* Examples are based on one or more real scam reports received by Westpac. For privacy purposes real names have not been used.