Business Email Compromise (BEC) is a form of cyber crime in which criminals use, or pose as, a trusted email identity to extract money or data. It often affects companies that interact with vendors and suppliers: a criminal contacts the business posing as a contractor, with a fake invoice or a fraudulent request to update payment details.

Unlike standard phishing emails, which are sent indiscriminately to millions of people, these attacks are crafted to appeal to specific individuals and can be much harder to detect. They are typically sent to executives or budget holders within an organisation to trick staff into transferring funds or revealing sensitive information. When the target is senior personnel, this type of phishing attack is known as ‘whaling’.

In this situation, the criminal may pose as an employee, manager or CEO of the company and email someone in the finance department, asking them to change the bank account used for salary payments or to update a supplier's payment details. The new account belongs to the criminal. The request usually carries a sense of urgency, and that pressure can make an employee act quickly without considering whether the request is legitimate.
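The pattern described above can be triaged automatically before a message reaches the finance team. The following script is an added example, not code from the original article: it parses a raw email and flags the indicators mentioned here (a senior-staff display name arriving from an external domain, a Reply-To that differs from the sender, urgent payment language, and a request to change bank or payment details). The organisation domain, staff names and the three sample messages are constructed for the example and are not real.

```python
"""Heuristic BEC triage for an inbound message.

Added example. INTERNAL_DOMAIN, SENIOR_STAFF and the sample messages are
assumptions constructed for illustration, not data from the original article.
"""
import email
import re
from email import policy
from email.utils import parseaddr

INTERNAL_DOMAIN = "example.co.uk"            # assumed: the organisation's own mail domain
SENIOR_STAFF = {"jane smith", "sam taylor"}   # assumed: display names criminals are likely to imitate

URGENCY = re.compile(r"\b(urgent(ly)?|asap|immediately|right away|today|before (close of business|cob))\b")
PAYMENT = re.compile(r"\b((bank|account) details|sort code|account number|invoice|payment (details|information)|salary|transfer)\b")
# "update/new/change ..." followed within 40 characters by "bank/account/payment"
CHANGE = re.compile(r"\b(new|updated?|change[ds]?|amend(ed)?)\b.{0,40}?\b(bank|account|payment)\b")


def sender_parts(msg):
    """Return (display name, address, domain) from the From header, lower-cased."""
    name, addr = parseaddr(str(msg.get("From", "")))
    domain = addr.rpartition("@")[2].lower()
    return name.strip().lower(), addr.lower(), domain


def triage(raw: str) -> list[str]:
    """Return the list of BEC indicators found in one raw RFC 5322 message."""
    msg = email.message_from_string(raw, policy=policy.default)
    name, addr, domain = sender_parts(msg)
    flags = []

    # 1. Someone using a senior colleague's name but not the company's domain.
    if name in SENIOR_STAFF and domain != INTERNAL_DOMAIN:
        flags.append("senior-staff display name from external domain")

    # 2. Replies silently diverted to a different mailbox.
    _, reply_to = parseaddr(str(msg.get("Reply-To", "")))
    if reply_to and reply_to.lower() != addr:
        flags.append("Reply-To differs from From")

    # 3./4. Content checks on subject + plain-text body.
    part = msg.get_body(preferencelist=("plain",))
    body = part.get_content() if part else ""
    text = (str(msg.get("Subject", "")) + "\n" + body).lower()
    if URGENCY.search(text) and PAYMENT.search(text):
        flags.append("urgent payment language")
    if CHANGE.search(text):
        flags.append("request to change bank/payment details")
    return flags


# Constructed sample messages (not real mail).
SUSPICIOUS = (
    "From: Jane Smith <jane.smith.office@gmail.example>\n"
    "Reply-To: jane.smith.office.reply@gmail.example\n"
    "To: accounts@example.co.uk\n"
    "Subject: Quick request\n"
    "\n"
    "Hi, I'm in meetings all day. Please urgently update the supplier's bank details\n"
    "to the ones below and pay the outstanding invoice today. I'll explain later.\n"
)

SUPPLIER_CHANGE = (
    "From: Accounts <accounts@supplier.example>\n"
    "To: accounts@example.co.uk\n"
    "Subject: Our banking arrangements\n"
    "\n"
    "We have changed our bank details. Please use the new account for future invoices.\n"
)

LEGIT = (
    "From: Jane Smith <jane.smith@example.co.uk>\n"
    "To: alex@example.co.uk\n"
    "Subject: Slides\n"
    "\n"
    "Hi Alex, could you send me the slides from Monday's meeting? Thanks, Jane\n"
)

if __name__ == "__main__":
    for label, sample in (("suspicious", SUSPICIOUS), ("supplier change", SUPPLIER_CHANGE), ("legit", LEGIT)):
        print(f"{label}: {triage(sample) or 'no indicators'}")
```

The supplier-change sample is flagged even though it is internally consistent: a genuine change of bank details looks the same on the wire as a fraudulent one, so any message that matches the change check should trigger the out-of-band verification described later on this page rather than an automatic block.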

In many cases the attack also involves an attempt to compromise your own email account, usually via a phishing email. Once the account is compromised, the criminals use the access to learn who your trusted contacts are, exfiltrate sensitive information, redirect bank transfer payments, create fraudulent invoices and payment requests, or use the mailbox to support further cyber crime. Because these messages come from a genuine account, they pass the usual sender checks, which is why verifying payment changes outside email matters.

As more employees return to the office, be especially aware of invoice or payment email requests. Always be sceptical of urgent and hurried requests to transfer money or pay invoices. If you are unsure about an email, verify the request by contacting the sender through another channel, such as a phone call to a number you already hold for them (not one given in the email itself), to confirm what is being asked.


You can forward any suspicious emails that you receive to the NCSC Suspicious Email Reporting Service (SERS) at [email protected]

Contact Police Scotland on 101 if you have been a victim of Business Email Compromise or any other fraud.
