What is Business Email Compromise (BEC)?

Business email compromise (BEC) is a type of email cyber crime scam in which an attacker targets
businesses to defraud the company. Business email compromise is an email scam in which fraudsters
pose as a trusted authority to target and attack organizations. By gaining access to vulnerabilities in
your email channels, BEC scammers can take over your account and destroy your business
reputation, causing serious financial.

It has been estimated that the business email compromise scam extracted $3 billion in losses from
more than 13,000 organizations around the world in 2015. Business Email Compromise (BEC) attacks
are sophisticated email-based scams, often directed at high-level executives at organizations. The
FBI estimates the BEC scam problem costs businesses around the world billions of dollars per year.

Types of Business Email Compromise:-

  CEO Fraud
 Account Compromise
 False Invoice Scheme
 Attorney Impersonation
 Data Theft

How Do BEC Attacks Work?

Business Email Compromise (BEC) attacks are a real threat. An attacker poses as someone the
recipient should trust — typically a colleague, boss or vendor — and sends an email asking for a wire
transfer, payroll change or other action. BEC stands for Business Email Compromise.

It is a type of cyber-attack where the fraudsters impersonate the CEO or another executive director
of a company and contacts an employee to request a wire transfer on their behalf.
On 2016, 20% of phishing attacks used Business Email Compromise (BEC). Business Email
Compromise scams are increasingly common, and difficult to detect.

Companies can reduce the risk of BEC attacks by training employees to identify and avoid suspicious
requests for funds, authenticate all incoming wire transfer requests, and check with trusted senders.

The FBI estimates that BEC attacks have resulted in losses of over $12 billion so far. The three
primary targets for BEC are the financial sector, various public and private organizations (including
information technology), and high-reputation individuals. Domain spoofing and lookalike attacks are
growing exponentially.

UpGuard can help you decipher the threats against your organization’s identity. BEC and Business
Email Compromise is a sophisticated form of phishing for organizations' money and the personal and
financial data that employees unwittingly share with attackers.

It's a type of "advanced fee fraud" that involves tricking employees into accessing. By understanding
the problem, you can protect your brand and prevent domain spoofing.