Scammers are Targeting Email Inboxes. Here’s What to Watch For.

by the editorial team at Citi |November 29, 2023

Many of the things we do during a typical workday are so routine and ingrained that we barely think about them as we’re doing them. Clearing out an overflowing email inbox is one of those things, and that’s what makes business email a prime target for scammers.

Of all the cybercrimes consumers can face, business email compromise (BEC) is one of the most damaging, according to the FBI’s 2023 annual Internet Crime Report, costing Americans $2.57 billion in losses. Behind that daunting figure is a surprisingly simple tactic: In a BEC scam, fraudsters send a seemingly ordinary email that appears to be a legitimate request for funds from a familiar source.

How it works

A BEC scammer will create a fake email account or website (or both), and then send you a message that appears to be from a trusted source, demanding payment or requesting confidential information. “Scammers will look for opportunities to insert themselves into your normal transactions to change the destination of the funds,” says Kenneth Conner, vice president of scam policy and communications at Citi. Once a wire transfer or ACH payment is executed, there often is little or nothing the payee can do to recoup their money.

Commonly targeted scenarios include:

  1. Real estate closings: Scammers claim to be the title or real estate agent, or closing attorney, and send different payment details.
  2. Vendor impersonation: Scammers pose as representatives of a company or government agency and advise that an invoice must be paid immediately to avoid a negative consequence. They may ask for a wire transfer to a fraudulent bank account or other means of payment, such as a check or ACH transfer.  
  3. CEO/executive impersonation: Scammers purport to be the CEO or executive of a company. They request that an employee within the accounting or finance department transfer funds to an attacker-controlled account.



How to protect yourself

Knowing what to look for is key to avoid becoming a victim of an email scam. Always confirm details with the parties involved. Some scammers use hacked email accounts, so it’s important to verify that the sender is not a scammer even if the email appears legitimate. Try calling or texting an associated phone number, or interact on a trusted mobile app or chat channel. 

Scammers often use fraudulent email addresses that may closely resemble a legitimate one that you may have communicated with in the past. The addition or removal of a single character in an email address may be difficult to spot at first glance. For example, a scammer may change the .com in an email address to .corn. In this case, the scammer replaced the letter “m” with the letters “r” and “n.”

Always be wary of emails marked “urgent” or “confidential.” Scammers will often use these or similar words in the subject line or in the ­content of the email. This should be your cue to slow down and review the email carefully for accuracy and to reach out directly to the sender to validate the request.

Add a layer of security

Putting extra protocols in place, such as multi-factor authentication on any accounts that don’t already have it, can be helpful too. “You might want to change your process to require two employees instead of one to approve transfers to a new account or if there's a change to the bank account after the order is placed,” Conner adds.

A quick response is crucial to mitigate any type of scam, so you’ll want to make sure you know what to do if fraud is suspected – and that the employees around you do too.  Have a clear plan for escalating the issue at work, and if it’s your personal finances that are under attack, contact your financial institution right away so they can guide you on the next steps to take. Remember: When in doubt, do not send money.

Bookmark our scam awareness site,, for the latest updates on common scams and how to spot them.


The content reflects the view of the authors of the article and does not necessarily reflect the views of Citi or its employees, and we do not guarantee the accuracy or completeness of the information presented in the article.