Understand business email compromise fraud and how to help to reduce your company's risk

Learn how to stay alert and informed to help to protect your organization against fraud.

Graphic:

Cyber Payment Fraud Education

Business Email Compromise (BEC)/Imposter Fraud

Voiceover:

Tom, an AP employee at one of our clients, received an email seemingly from a known vendor, requesting a bank account change for an upcoming invoice payment.

Graphic:

Tom received an email requesting changes in bank account for an upcoming invoice payment

Voiceover:

It was a busy day. So to save time, he called the number included in the email to confirm the request and then made the change.

Graphic:

Tom called the number in the email

He then made the change

Voiceover:

The next day, his team sent a $620,000 wire to the new account.

Graphic:

The next day, his team sent a $620,000 wire to the new account for the payment

Voiceover:

A week later, the real vendor called the AP team since they hadn't received their payment.

Graphic:

A week later, the real vendor called the AP team, since they hadn't received their payment

Voiceover:

At that point, our client realized they were a victim of fraud and contacted their bank team to recall the transaction.

Graphic:

At that point, our client realized they were a victim of fraud and contacted their bank team to recall the transaction

Voiceover:

The lost funds were never recovered.

Graphic:

The lost funds were never recovered

Anil Khilnani on camera:

This real-life case study is an example of business email compromise, also known as imposter fraud, one of the most persistent and costly threats facing organizations today.

Lower third overlay Graphic:

Anil Khilnani

Fraud Education & Awareness Program Lead

Wells Fargo

Anil Khilnani on camera:

With this scam, fraudsters impersonate someone you know and trust, a vendor, a senior executive, or even a colleague, to trick you into sending payments to them.

No organization is immune. These attacks target businesses of all sizes and across every industry.

Voiceover:

The fraudulent request may come from a spoofed email address, one that looks almost identical...

Anil Khilnani on camera:

...to a legitimate one, but perhaps just a subtle change.

Graphic:

How they target you

Spoofed email address

Voiceover:

Or worse, it may come from an email account that's been hacked, often through phishing.

Graphic:

How they target you

Spoofed email address

Compromised email account

Anil Khilnani on camera:

Imagine a senior executive’s email being used to request a fraudulent wire transfer, or a vendor's email asking to update their bank account details.

Today's cybercriminals are smarter, more sophisticated, and better resourced, thanks in part to the availability of generative artificial intelligence.

They'll patiently research and study their targets, crafting messages that seem legitimate, increasing the chances of success and the risk of financial loss.

Voiceover:

Here are three common types of business email compromise. Executive imposter fraud, a fake email from a senior leader requesting a payment.

Vendor imposter fraud, a fraudster posing as a vendor to divert invoice payments.

Payroll imposter fraud, changing an employee's direct deposit details to steal salary payments.

Graphic:

Common types of Business Email Compromise

Executive Imposter Fraud
Fake email from a senior leader requesting payment

Vendor Imposter Fraud
Fraudster posing as a vendor to divert invoice payments

Payroll Imposter Fraud
Changing employee's direct deposit details to steal salary payments

Graphic:

Steps to help protect against BEC fraud

Voiceover:

So how can you help protect your organization against this threat?

Anil Khilnani on camera:

There is no silver bullet to fraud prevention, but utilizing a layered defense strategy can help make a difference. This starts with implementing and adhering to strong internal controls and practices.

Always verify all requests for payments or changes to payment instructions, especially changes to bank account details or payment types.

Graphic overlay:

Always verify all requests for payments or changes to payment instructions

Anil Khilnani on camera:

And watch for any red flags, including unusual or out-of-pattern requests, requests with a high sense of urgency, requests asking for confidentiality.

Graphic overlay:

Watch for any red flags

  • Unusual or out-of-pattern
  • Requests with high sense of urgency
  • Requests asking for confidentiality

Anil Khilnani on camera:

If you receive a request by email, never reply directly to the message to validate it.

Instead, pick up the phone and confirm it verbally, reviewing all the details in the request, such as the account and routing numbers.

And for these verification callbacks, never use any contact information that may be included in the request.

Use only the information in your own system of record, such as your vendor master file.

This was the mistake Tom made in the earlier case study.

Graphic overlay:

  • Never reply directly to email requests
  • Verbally confirm all details over the phone
  • Never use contact information included in request
  • Use only phone numbers in your own system of record

Anil Khilnani on camera:

Use a dual custody process with your payments. This setup requires two users on two different devices to separately initiate and approve all payments or payment instruction changes.

It's a second chance to stop a fraudulent payment before it goes out the door.

Graphic overlay:

  • Use a dual custody process with your payments
  • This requires two users on two different devices to separately initiate and approve payments

Anil Khilnani on camera:

Monitor your accounts regularly. We recommend daily reconciliations, which can help detect unauthorized activity in a timely manner.

Graphic overlay:

Monitor your accounts regularly

Anil Khilnani on camera:

Establish a goal of creating a cybersecurity culture across your organization. For this to happen, it's essential to provide regular fraud training to all employees.

Ideally, it shouldn't just be an annual event. Shorter, more frequent sessions can be more effective in reminding employees that they are the first line of defense against fraud.

Graphic overlay:

  • Establish a goal of creating a cybersecurity culture across your organization
  • Provide regular fraud training to all employees

Anil Khilnani on camera:

If you detect or suspect fraud with the payment, contact your bank team immediately. Time is critical in these situations. And remember, staying alert and informed can help you stay protected.

And thank you for watching this tutorial.

Graphic:

Wells Fargo

©2026 Wells Fargo Bank, N.A. All rights reserved.
