Business email compromise scams, also known as BEC scams, are targeted online frauds where criminals use compromised, spoofed or lookalike email accounts to deceive a business, employee, supplier or client. The goal is usually to redirect a legitimate payment, change bank account details, obtain confidential information, or cause an urgent transfer to an account controlled by the scammer.
BEC scams can look very similar to invoice redirection scams, but business email compromise scams are broader than invoice-only fraud. A business email compromise scam may involve a supplier email account being taken over, a fake domain that looks almost identical to the real business, or an email that appears to come from a director, manager, accounts employee, conveyancer, accountant or other trusted person. The scammer relies on trust, urgency and normal business processes to make the request appear routine.
Common BEC scam examples include emails asking staff to pay a new invoice, update supplier banking details, transfer funds urgently, purchase gift cards, send payroll information, or release sensitive client or business records. In some cases the email trail may be monitored for weeks before the scammer intervenes at the point where money or confidential information is about to move.
Business email compromise scams are often discovered only after the real supplier, client or internal accounts team follows up about a missing payment. By that stage the funds may have already moved through mule accounts, cryptocurrency exchanges or overseas banking channels, making fast evidence preservation and recovery action important.
Prevention is the best protection. Businesses should verify any request to change payment details by using a known phone number or a separate trusted communication channel, not by replying to the email that made the request. Staff should be trained to treat urgent payment requests, new bank details, unusual senior-management instructions and unexpected attachments as warning signs.
If you believe you have been affected by a business email compromise scam or BEC scam, contact your financial institution immediately, preserve the relevant emails and headers, report the matter to police or ReportCyber, and seek professional assistance as early as possible.
Business Email Compromise help from OFI
Simon Smith of Official Intelligence Pty Ltd (OFI) provides specialist digital forensic and expert assistance for people and organisations affected by business email compromise scams. These matters are often not just about finding the scammer. They can also turn on which party had the relevant security failure, who held the compromised account or system, what warnings were missed, and whether a bank, insurer, conveyancer, business, supplier or customer should carry responsibility for the loss.
OFI investigates the digital forensic artefacts that usually decide those questions, including original emails and EML files, message headers, mailbox rules, authentication records, domain and lookalike-domain evidence, login records, IP and traffic logs, cloud account activity, payment timing, correspondence trails, and business process evidence. The purpose is to identify the most likely point of compromise, separate genuine communications from impostor communications, and explain the technical evidence in a way that can be used by victims, insurers, lawyers, conveyancers, accountants, tradies, businesses and financial institutions.
This work is especially important in AFCA and bank compensation matters, where one party alleges that a bank or financial firm should compensate them for a BEC loss. A properly prepared forensic review can help show whether the loss was caused by customer-side compromise, supplier-side compromise, conveyancer or professional-services compromise, third-party platform exposure, payment redirection, inadequate verification, or a failure to respond to warning signs. OFI can assist with early triage, evidence preservation, written technical reports, expert witness work, and technical support for complaints, insurance claims and disputes.
Three BEC services available through OFI
1. BEC incident triage and evidence preservation. OFI can review the immediate facts, identify what evidence must be preserved, request the right original email files and logs, and help prevent important artefacts being lost while the matter is still active.
2. BEC forensic investigation and liability analysis. OFI can audit emails, headers, account activity, traffic and access logs, payment instructions, third-party platform evidence and business workflows to determine where the compromise most likely occurred and which side of the dispute the technical evidence supports.
3. AFCA, insurance and expert-report support. OFI can prepare confidential technical reports, expert witness reports and supporting analysis for AFCA complaints, insurance claims, legal disputes, conveyancing matters and bank compensation claims arising from business email compromise scams.