2) Fake invoices
Business email compromise—in which a scammer infiltrates or spoofs legitimate email accounts to redirect money—is “one of the most financially damaging online crimes,” according to the Federal Bureau of Investigation.
In some cases, a scammer will break into a finance worker’s email account and spend weeks learning the patterns of when and how certain companies tend to send invoices. Then, they’ll set up a filter to automatically direct future invoices into a “trash” or “spam” folder—and either change the routing and bank account numbers before placing it back in the inbox, or generate their own message and invoice that looks the same, but with their own financial information.
If a scammer has infiltrated email addresses of top executives or supervisors, they can even create fake email exchanges pretending to approve the change in payment, to make it look more believable.
“It looks perfectly legitimate. The email