- 14-Jun-2022
Business Email Compromise (BEC) Explained
What is Business Email Compromise? Business email compromise (BEC) is a type of targeted phishing (spear phishing) in which a threat actor either accesses or mimics a genuine business email account to defraud the business. This tactic relies on exploiting the assumed trust that victims have in emails coming from what appear to be genuine sources. Often, these scams target employees working in financial departments or executives who have the power to transfer money from business accounts to bank accounts under the control of the threat actor. BEC is a notably high-cost type of phishing attack. In fact, the FBI released a Public Service Announcement in 2022 outlining that BEC cost companies an estimated $43 billion between 2016 and 2021.