What Is Business Email Compromise?
Business Email Compromise (BEC) is a type of email cybercrime scam in which an attacker targets businesses to defraud the company. Business Email Compromise is a growing problem that targets organizations of all sizes across every industry around the world. Consequently, BEC scams have exposed organizations to billions of dollars in losses.
BEC is difficult to detect and prevent, especially with legacy tools, point products and native cloud platform defenses.
5 Major Types of Business Email Compromise
- The Bogus Invoice Scheme: Companies with foreign suppliers are often targeted with this tactic, wherein attackers pretend to be the suppliers requesting fund transfers for payments to an account owned by fraudsters.
- CEO Fraud: Attackers pose as the company CEO or any executive and send an email to employees in finance, requesting them to transfer money to the account they control.
- Account Compromise: An executive or employee’s email account is hacked and used to request invoice payments to vendors listed in their email contacts. Payments are then sent to fraudulent bank accounts.
- Attorney Impersonation: Attackers pretend to be a lawyer or someone from the law firm supposedly in charge of crucial and confidential matters. Normally, such bogus requests are done through email or phone and during the end of the business day.
- Data Theft: Employees under HR and bookkeeping are targeted to obtain personally identifiable information (PII) or tax statements of employees and executives. Such data can be used for future attacks.
Because these scams do not have any malicious links or attachments, they can evade traditional solutions. Employee training and awareness can help businesses spot these type of scams!
Protecting Your Business From BEC
You and your employees are the first line of defense against Business Email Compromise. A strong security program paired with employee education about the warning signs, safe practices and responses to a suspected takeover are essential to protecting your company and customers.