Protect Against Email Compromise

As cyber thieves continue to come up with new, deceptive tactics, an increasingly common approach is impersonating real email accounts and sometimes actually taking over existing accounts. It's a tactic we've seen, and we expect to see more in the future.

This article will cover:

  1. What are the common email attacks?
  2. What can you do?
  3. How does CRBT help?

What are common email attacks?

  • Business Email Compromise (BEC) – An attacker disguises an email address to look like someone the victim trusts. Common tactics include:
    • Domain spoofing: Forging a trusted domain name so the email appears to come from that organization
    • Display-name spoofing: Using an email account whose display name is one the recipient knows, while the underlying address belongs to the attacker
    • Lookalike domains: A nearly identical, slightly altered domain name, registered with intent to deceive the recipient
  • Email Account Compromise (EAC) – Also known as email account takeover, this is when an attacker takes over the actual email account of someone the victim trusts. Common account-takeover techniques include password spraying (trying common passwords across many accounts) and obtaining account credentials through:
    • Phishing: Deceiving people into revealing sensitive information through email
    • Malware
    • Purchasing stolen credentials on the dark web to gain unauthorized access to email accounts
    • Credentials exposed in earlier data breaches

Even cautious email readers are bound to trust communications from colleagues after quickly verifying the sender address. If a legitimate business email account has been compromised, it ends up being the perfect delivery vehicle for far-reaching attacks. By taking over a legitimate email account, especially within the same internet domain as the victim's, the attacker can launch several attacks.

What Can You Do?

Be vigilant when it comes to identifying suspicious or unexpected 'urgent' requests or changes. If you receive an email concerning a change of payment method or bank account:

  • DO contact the payment recipient through another channel (phone) to verify this claim.
  • DO spread the word so colleagues dealing with these accounts are aware of the scam.
  • DON'T reply directly to the email or click on attachments or links you aren't expecting, even if they have harmless-sounding names (e.g. invoices).

Protect Personal Information*

Most companies keep sensitive, personal information in their files that identifies customers or employees. If sensitive data falls into the wrong hands, it can lead to fraud, identity theft, or similar harms. The principles outlined below will help you keep data secure. A sound data security plan is built on 5 key principles:

  1. Take stock: Know what personal information you have in your files and on your computers.
  2. Scale down: Keep only what you need for your business.
  3. Lock it: Protect the information you keep.
  4. Pitch it: Properly dispose of what you no longer need.
  5. Plan ahead: Create a plan to respond to security incidents.

*Source: Federal Trade Commission, Protecting Personal Information: A Guide for Business

How can CRBT help?

CRBT has a fraud department to assist clients when fraud has been identified. We initiate the necessary paperwork, help minimize any financial loss, and we work alongside law enforcement to provide necessary information.

Each day, millions of fraudulent checks are presented in the United States, costing businesses and financial institutions billions of dollars per year. We have a solution. Cedar Rapids Bank & Trust’s Positive Pay is one of the most effective check fraud prevention programs available. We work with your company to detect fraudulent activity by identifying items presented for payment that your company did not issue.

Another important consideration for your fraud mitigation plan should be ACH Positive Pay. This service allows control over electronic activity posting to business accounts. Similar to Check Positive Pay, unauthorized ACH transactions are flagged and you are alerted to review them through Business Online Banking.

To learn more, contact our Treasury Management team at 319.743.7002 or