Qutzl Insights

Advertisement

1 min read

Business email compromise: red flags worth a phone call

The phrases and patterns that should trigger a pause before anyone moves money.

By Michael NarehoodSecurity

Business email compromise remains one of the costliest SMB crimes because it looks like ordinary work.

Pause if you see

  • New banking details “from” a vendor
  • Urgency + secrecy (“don’t tell finance yet”)
  • Slightly wrong domains (qutzl-net.com vs qutzl.net)
  • Gift-card or crypto requests from an executive

A simple control

Dual control for payment changes: email starts the request, and a known phone number confirms it.

After a suspected incident

Do not wipe the mailbox before preserving headers. Call your bank and your IT partner early.

Submit a ticket if you need help investigating suspicious mail.