Online Security

As your financial institution, Heritage Bank of Commerce is constantly reviewing emerging risks
that may negatively impact your business or put your finances at risk.

Business Email Compromise

There continues to be a significant global increase in “Business Email Compromise” (or “BEC”),
which fraudsters use in attempts to coerce fraudulent wire or ACH transactions. Fraudsters
‘spoof’ a business partner or internal employee by mimicking or faking email addresses and sending
official-looking wire transfer requests. This could include emails appearing to be from vendors or
company employees, often impersonating internal management individuals like the CEO. These
requests typically emphasize urgency.

Such emails can be difficult to detect since fraudsters are skilled at their deception. However,
the following steps can help protect your company:

  • Carefully check the “From” address: Is the company name spelled correctly? Is the individual’s name spelled correctly?
  • Verify the sender’s email address: Is it coming from an unusual or unknown email address?
  • Consider if it is normal for your vendors or management to request a wire transfer or ACH via email. Does the request involve changing longstanding payment instructions?
  • Assess the tone and grammar of the email: Is it consistent with your usual correspondence with this individual?
  • Review the wire or ACH instructions: Do they make sense? Are you being asked to send funds to a foreign country, particularly if the business is not foreign?

Tips to Prevent Wire Fraud

Additional tips to help prevent wire fraud in your company include:

  • Utilize dual control and segregation of duties for all wire or ACH transfers. Require a second employee to approve any transfer created, adding a second set of eyes to ensure transaction validity.
  • Employ “Out of Band” or “Two-Factor” Authentication, which sends a one-time passcode to a registered cellular phone or email whenever a wire or ACH is created or requires approval.
  • Mandate written requests for wire transfers within your company, with specific levels of authority required for approving a transfer.
  • Always validate email requests by calling a known phone number, not a contact method provided in the email request.

Prevention prior to sending funds is essential since recovering sent funds is difficult and often impossible. Taking care before sending funds is time well spent.

Contact Information

For further information, please contact your banking professional or our Wire Operations Department at:
(408) 792-4099

Visit us at heritagebankofcommerce.bank

Member FDIC

Download PDF

Related Posts

Recent Posts

Categories