Nicosia, Cyprus. Police on Tuesday warned businesses and employees to guard against rising fraud involving compromised email accounts, known as Business Email Compromise (BEC). The Cybercrime unit said criminals use compromised or spoofed addresses to impersonate trusted contacts and steal funds.
How the scams work
The Cybercrime unit said attackers gain access to corporate email accounts or create near-identical addresses to impersonate trusted contacts and trick victims into transferring money.
Who is targeted
Police said scammers often target staff who handle payments, sending convincing requests to change bank details or settle invoices. Authorities said companies that rely on international wire transfers are particularly at risk.
Where the money goes
Police said funds are diverted to accounts controlled by criminals.
Recommended steps for businesses
Police urged businesses to train staff to recognise such scams and to introduce strict verification procedures for payment requests. Employees should check any change in bank details directly with suppliers using known contact information, not details provided in suspicious messages.
Managing public information
Firms were also advised to limit sensitive information shared online and review what is published about contracts and partners.
Police advice
Police said vigilance and basic verification are the best defence against evolving email fraud targeting organisations.
What payment verification steps has your organisation put in place to reduce the risk of Business Email Compromise fraud?
