
Business Email Compromise


What is a business email compromise?

A business email compromise (BEC) is a type of scam that targets businesses, particularly those with high financial transactions. The attack usually involves an email that appears to come from a legitimate source, such as a CEO or a trusted vendor, asking the recipient to perform an action such as transferring funds or sharing sensitive information. The goal is to deceive the recipient into following the attacker’s instructions, which can lead to significant financial losses or data breaches.

Why are BEC attacks important for businesses to be aware of?

BEC attacks matter because they have become increasingly prevalent and sophisticated. According to the FBI’s Internet Crime Complaint Center, BEC scams accounted for more than $2.1 billion in losses in 2021. These attacks can be challenging to detect because they often involve the use of legitimate business communication and may come from a credible source.

What are the signs of a BEC attack?

  1. Unusual requests: Any request for a payment or sensitive information that seems unusual or unexpected should be scrutinized.
  2. Changes in account details: If you receive an email that claims to be from a vendor or supplier with updated payment information, verify the change by calling the company directly.
  3. Domain spoofing: Attackers may use a domain name that is very similar to the legitimate domain of a company to deceive recipients.
  4. Time-sensitive requests: Attackers typically target employees while imitating an executive or boss. The requests often center on “last-minute” demands and try to trigger an emotional response from the employee.

What measures can you take to protect against BEC attacks?

  1. Implement multi-factor authentication (MFA) for all email accounts to prevent unauthorized access.
  2. Train employees to recognize phishing and BEC scams, including suspicious requests or changes in payment information.
  3. Use email filters to block messages from suspicious domains or addresses.
  4. Establish protocols for verifying any changes in payment information, such as requiring a phone call or in-person confirmation.
  5. Regularly review financial accounts and activity for any signs of unauthorized transactions.
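
The Python below is an added example, not code from this glossary or its publisher. It shows how an email filter could flag three of the signs listed above: a sender domain that closely imitates a trusted one, time-sensitive wording, and payment or account-detail requests. The trusted-domain list, keyword patterns and sample message are constructed assumptions, and the message is assumed to be single-part plain text.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: domains your organisation really trades with (constructed values).
TRUSTED_DOMAINS = {"example.com", "acme-supplies.example"}
# Assumption: a few common visual substitutions used in lookalike domains.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})
URGENCY = re.compile(r"\b(urgent|immediately|asap|last[- ]minute|today)\b", re.I)
PAYMENT = re.compile(r"\b(wire|transfer|invoice|payment|bank (account|details))\b", re.I)
# Constructed sample message, not a real email.
SAMPLE = ('From: "Chief Executive" <ceo@examp1e.com>\n'
          "Subject: Urgent wire transfer\n\n"
          "I need this payment sent today.\n")

def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def lookalike_of(domain: str):
    """Return the trusted domain this one imitates, or None."""
    domain = domain.lower()
    if domain in TRUSTED_DOMAINS:
        return None  # exact match is the real domain, not a lookalike
    folded = domain.translate(HOMOGLYPHS).replace("rn", "m")
    for trusted in TRUSTED_DOMAINS:
        if folded == trusted or edit_distance(domain, trusted) <= 2:
            return trusted
    return None

def bec_signs(raw_email: str) -> list[str]:
    """List which warning signs a single-part plain-text message shows."""
    msg = message_from_string(raw_email)
    sender_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2]
    text = f"{msg.get('Subject', '')}\n{msg.get_payload()}"
    imitated = lookalike_of(sender_domain)
    checks = [
        imitated and f"lookalike domain: {sender_domain} ~ {imitated}",
        URGENCY.search(text) and "time-sensitive request",
        PAYMENT.search(text) and "payment or account-detail request",
    ]
    return [c for c in checks if c]
```

A message that trips these checks is a candidate for quarantine or out-of-band verification, not proof of fraud; short trusted domains will need a tighter distance threshold to avoid false positives.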

Also Known As:

  • Email account compromise (EAC)
  • CEO fraud
  • Whaling
