1 min read
Business email compromise: red flags worth a phone call
The phrases and patterns that should trigger a pause before anyone moves money.

Business email compromise remains one of the costliest SMB crimes because it looks like ordinary work.
Pause if you see
- New banking details “from” a vendor
- Urgency + secrecy (“don’t tell finance yet”)
- Slightly wrong domains (
qutzl-net.comvsqutzl.net) - Gift-card or crypto requests from an executive
A simple control
Dual control for payment changes: email starts the request, and a known phone number confirms it.
After a suspected incident
Do not wipe the mailbox before preserving headers. Call your bank and your IT partner early.
Submit a ticket if you need help investigating suspicious mail.
