The best defense against fraud is you. Learn more about fraud and arm yourself with the knowledge to stay safe online.

Contact Us

Contact Us

Report fraud or suspicious activity
TTY 800-659-5495
Report a lost or stolen credit card

Business Email Compromise - Small Business Security Center

Switch to another Security Center:

Identity Theft icon

What is Business Email Compromise?

Business Email Compromise, also known as Masquerading Wire Fraud, is a sophisticated scam targeting businesses that regularly performs wire transfer payments. Fraudsters are targeting businesses through phone, email, or fax specifically to initiate a fraudulent wire transfer. The fraudsters may impersonate a CEO, CFO, other company official, or vendor to target someone within the company authorized to send payments. The request to transfer funds often appears legitimate so the transaction is not scrutinized. Wire fraud is a significant and growing problem for businesses. Whether you use WebDirect or visit a branch to initiate wire transfers, the best defense against wire fraud is for your business to have rock-solid procedures, such as dual authorization for large-dollar transactions, and to back up those procedures by training your team members so they recognize the signs of suspicious activity within your company.

What you should look for:

  • Fraudsters frequently make contact via email using either a spoofed email account or by hacking into the legitimate account.
  • Fraudsters may use the names of legitimate companies and use fake email addresses to show a connection to that company (e.g.,
  • The request for distribution of funds is immediate and presented as time sensitive or highly confidential in order to make the recipient respond more quickly.

Tips you and your employees should keep in mind as you accept and handle wire transfer requests.

  • Be diligent about confirming that any request to initiate a wire is from an authorized source within the company.
  • Validate email addresses to help ensure messages are not coming from a fraudulent domain with a slightly different address from your company’s domain.
  • Slow down. Be on high alert for possible fraud anytime wire transfer instructions include tight deadlines.
  • Be suspicious of requests for confidentiality. Whenever wire transfer instructions specify to keep the transaction secret, verify the legitimacy of the source of this request. Speak to the executive or manager requesting the transaction by phone or in person. If you still have doubts, speak to another senior executive.
  • Similar to checks for paying large purchase orders, wire transfers over a certain dollar threshold may be matched to a reference number to help ensure they are linked to an approved purchase or service.

Learn about the different scenarios of this scam

Data from the Internet Crime Complaint Center (IC3) outlines three main versions of this scam. The following scenarios detail current elements of the scam, but fraudsters frequently modify their tactics in order to continue conducting fraud.

Version 1
A business, which often has a long standing relationship with a supplier, is asked to wire funds for invoice payment to an alternate , fraudulent account. The request may be made via telephone, facsimile or email. If an e-mail is received, the subject will spoof the e-mail request so it appears very similar to a legitimate account and would take very close scrutiny to determine it was fraudulent. Likewise, if a facsimile or telephone call is received, it will closely mimic a legitimate request. . This particular version has also been referred to as "The Bogus Invoice Scheme," "The Supplier Swindle," and "Invoice Modification Scheme."

Version 2
The email accounts of high-level business executives ( CFO, CTO, etc.) are compromised. The account may be spoofed or hacked. A request for a wire transfer from the compromised account is made to a second employee within the company who is normally responsible for processing these requests. In some instances a request for a wire transfer from the compromised account is sent directly to the financial institution with instructions to urgently send funds to bank "X" for reason "Y." This particular version has also been referred to as "CEO Fraud," "Business Executive Scam," "Masquerading," and "Financial Industry Wire Frauds."

Version 3
An employee of a business has his/her personal email hacked. Requests for invoice payments to fraudster-controlled bank accounts are sent from this employee’s personal e-mail to multiple vendors identified from this employee’s contact list. The business may not become aware of the fraudulent requests until they are contacted by their vendors to follow up on the status of their invoice payment.


Report Fraud, Business Identity Theft or Suspicious Activity

If you believe you are the victim of fraud or business identity theft, call Bank of the West immediately at
TTY 800-659-5495

To report a lost or stolen credit card, call us at 1-800-996-2638.

If you've received a suspicious email, let us know by emailing us at:

Need more information on what to do in case of fraud?

Report Fraud or Business Identity Theft >