Business Email Compromise (BEC) is a cyberattack in which the victim receives an email that appears to come from a trusted business or individual and generally contains a phishing link, a malicious attachment, a request for sensitive information or a request for payment for a supposed business purpose. Cybercriminals may pretend to be senior-level employees, suppliers, vendors, business partners or other organizations. Unlike phishing attacks that target a large group of people, BEC attacks target specific individuals, which makes them harder to detect and potentially more damaging. BEC is a threat that all businesses, regardless of size or industry, should take seriously.
Common BEC Attacks
- False invoice schemes—Cybercriminals pretend to be business suppliers and request fund transfers to pay an invoice.
- Account compromise—Cybercriminals hack into an executive or employee account to request invoice payments directly from vendors.
- Attorney impersonation—Hackers impersonate a corporate lawyer or law firm to request an immediate transfer of funds.
- Data theft—Criminals pose as HR professionals or employees in other functional roles to obtain personally identifiable information or tax statements from other employees or executives.
- CEO fraud—Criminals pose as high-level executives to request wire transfers.
How to Spot a BEC Attack
While it's not easy to spot a BEC attack, here are some common signs to watch out for:
- Generic terms or lack of personalization
- A sense of urgency or threatening language
- Variations to email addresses or company websites
- Requests to send personal or financial information
- Unfamiliar names or images
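As an added illustration of these signs (example code, not part of the original article), the following Python checks a message for three of them: a sender domain that imitates a trusted one, the display name of a known insider paired with an outside address, and urgent or payment-related wording. The domains, names, keyword lists and sample messages are constructed for the example.

```python
import re
from difflib import SequenceMatcher

# Constructed reference data: the organization's own domain, domains of
# trusted suppliers, and display names attackers commonly imitate (e.g. the CEO).
OWN_DOMAIN = "example.com"
TRUSTED_DOMAINS = {OWN_DOMAIN, "acme-supplies.com"}
KNOWN_PEOPLE = {"jane doe"}  # compared case-insensitively

# Constructed keyword lists for the "urgency" and "request" signs above.
URGENCY = re.compile(r"\b(urgent(ly)?|immediately|right away|asap|today)\b", re.I)
REQUEST = re.compile(r"\b(wire transfer|gift cards?|bank details|w-2s?|account number|new account|payroll)\b", re.I)


def parse_from(header):
    """Split 'Jane Doe <jane@example.com>' (or a bare address) into (name, local part, domain)."""
    m = re.match(r'\s*"?([^"<]*?)"?\s*<?([^\s<>@]+)@([^\s<>]+)>?\s*$', header)
    if not m:
        raise ValueError(f"unparseable From header: {header!r}")
    name, local, domain = m.groups()
    return name.strip(), local, domain.lower()


def lookalike(domain, trusted=TRUSTED_DOMAINS):
    """Return the trusted domain this one most resembles if it is close but not equal, else None."""
    if domain in trusted:
        return None
    best = max(trusted, key=lambda t: SequenceMatcher(None, domain, t).ratio())
    return best if SequenceMatcher(None, domain, best).ratio() >= 0.8 else None


def bec_indicators(msg):
    """Return a list of BEC warning signs found in a message dict (from/subject/body)."""
    flags = []
    name, _, domain = parse_from(msg["from"])
    imitated = lookalike(domain)
    if imitated:
        flags.append(f"sender domain {domain} resembles trusted domain {imitated}")
    if name.lower() in KNOWN_PEOPLE and domain != OWN_DOMAIN:
        flags.append(f"display name '{name}' is a known insider but the address is external ({domain})")
    text = msg.get("subject", "") + " " + msg.get("body", "")
    if URGENCY.search(text):
        flags.append("urgent or pressuring language")
    if REQUEST.search(text):
        flags.append("request for payment or sensitive data")
    return flags


# Constructed sample messages: one typical CEO-fraud attempt and one ordinary vendor email.
SUSPECT = {"from": "Jane Doe <jane.doe@examp1e.com>", "subject": "Urgent wire transfer",
           "body": "Please process a wire transfer to a new account today."}
CLEAN = {"from": "Bob Smith <bob@acme-supplies.com>", "subject": "Invoice 1234",
         "body": "Please find the March invoice attached."}
```

Running `bec_indicators(SUSPECT)` raises four flags (lookalike domain, external address under an insider's name, urgency, payment request), while `bec_indicators(CLEAN)` returns an empty list.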
What You Can Do
BEC attacks can cause both financial and reputational harm, so it is important to consider implementing cybersecurity practices to help reduce the risk to your business. Here are some tips:
- Educate employees. Teach your employees to scrutinize emails that request payments or sensitive information, never to click suspicious links, and to report any suspected BEC attack to IT.
- Implement effective payment protocols. Ensure employees in charge of financial operations carefully analyze invoices for validity and discuss them in person whenever possible.
- Restrict access to sensitive data. Only provide access to sensitive data to trusted and experienced employees who require this information to conduct their work tasks.
- Utilize security features. Make sure all company computers and other devices have adequate security, such as antivirus and malware prevention programs, email spam filters, data encryption capabilities and a firewall.
- Have a plan. Ensure your organization has an effective cyber incident response plan that specifically addresses response protocols and mitigation measures for BEC attacks.