7 Signs of Business Email Fraud


Companies rely on email for most communications — e.g., interacting with customers, running marketing campaigns, negotiating contracts with suppliers and managing a distributed workforce. While email offers various benefits, including speed and efficiency, its users can often fall victim to fraud due to the platform’s prevalence and success.

In fact, email is widely exploited by hackers for the execution of sophisticated phishing attacks, targeting commercially sensitive and personally identifiable information and costing hundreds of millions of dollars to businesses every year.

Fortunately, detecting and preventing email scams is possible even if you are not a cybersecurity expert. As a founder, manager or employee, you can significantly reduce the risk of data loss in your organization by being aware of the typical signs of business email fraud.

1. Web-Based Free Email Accounts

Anyone with an internet connection can create a free email account and use a generic address like companyabc@mail.com to send fraudulent messages. In contrast, only verified domain owners have the ability to set up and allocate custom email addresses, such as employee@companyabc.com or ceo@businessdec.com.

This being said, there is no reason for a sound organization to allow employees to make contact with customers, suppliers or any stakeholder using free or personal email accounts, especially not if confidential data is involved.

2. Urgency

It is in scammers’ best interest to carry out phishing attacks quickly. As time goes by, targets are more likely to notice that something is off and take measures to warn their colleagues, organization and third parties against suspicious emails. That is why cybercriminals come up with all sorts of pressing reasons (see examples below) to justify speedy money transfers or the disclosure of private and financial details:

  • Time-sensitive deal with a new customer
  • Breach of contract and lawsuit
  • Overdue invoice and penalty for late payments
  • Account suspension and service disruption

3. Unpolished Communications

Brands know that their reputations are on the line in every communication sent externally and spend a lot of effort perfecting messages, personalizing campaigns and checking drafts for errors. Generic greetings, grammar mistakes and bad formatting are all signals of “phishy” email messages.

4. Follow-Ups via Email Only

Fraudsters are wary of revealing too much about themselves to avoid compromising their fake identities. You can leverage that fact to spot email scams. For instance, when someone makes an unusual or urgent request, ask to follow up on the phone or face to face. Any legitimate sender will see no objection, whereas an impersonator is probably going to give excuses not to talk or meet and insist on communicating exclusively via email.

5. Odd URLs and Domains

Many email scams use external links to redirect potential victims to a fake homepage or formwhere personal and financial data is then collected. These phishing messages can look very convincing at first glance but usually exhibit one or more red flags. For example:

  • Inconsistent embedded links, where the display and destination URLs do not match
  • A domain and email address different than the one used in past brand communications
  • Shortened URLs, masking the actual destination
  • A URL name that is missing a character, e.g., http:// instead of https:// or website.com rather than website.com/

6. No Multichannel Support

Scammers find it advantageous to impersonate known entities that inspire trust and credibility in order to boost the success rates of their attacks. However, while it’s one thing to forge an email address, it’s another to mimic an entire customer support department and social media accounts.

Large organizations – and, increasingly, small and medium-sized businesses – invest heavily in customer experience and offer various options for recipients to talk to a representative to resolve doubts and answer questions. Cybercriminals, on the contrary, do not want their targets to reach out for support. If you are unsure about the source of a message, try contacting the company using official customer support channels to clarify what is happening and check whether a request for information is legitimate.

7. Doubtful Attachments

Another common phishing technique consists of including one or more malicious attachments to deceitful emails and prompting recipients to download and open them to complete a task. These files may contain viruses or other forms of malware designed to damage, alter or retrieve data, infect servers and networks or lock systems until a ransom is paid in exchange for a decryption key.

To avoid the above, beware of attachments in general, particularly from unknown senders or the following types of attachments:

  • .7z, .rar, .zip and other compressed files
  • .bat, .cmd, .exe, .hta, .jar, .js, .msi and extensions used to run code
  • .docm, .pptm and .xlsm macro-enabled documents