Business Email Compromise (BEC)
Targets executives or finance teams with the intent to defraud companies.
Business email compromise (BEC) is a type of phishing scam targeting companies for financial gain. These scams typically target executive-level employees or individuals involved in finance that could request or initiate wire transfers or other types of money transfer scams. Cybercriminals sometimes spoof an email address with a similar name of an executive or a vendor familiar with the company. They can also employ spear phishing to access the email credentials of individuals in the organizations and send BEC attacks from compromised accounts. These spoofed or compromised emails are then used to request a fraudulent wire transfer. These BEC attacks lead to millions in losses to companies every year.
BEC attacks often request for funds to be sent, or wire transferred to pay an invoice or for a service. The targets are often employees that have access to bank information, like accounts payable or finance.
Mostly delivered through email, but cybercriminals are also having success with this type of scam through SMS text messaging. Some sample subject lines include urgent, request for payment, and transfer.
There are five categories of BEC scams
- Fake Invoices- Companies with international vendors are often the target of these attacks, where cybercriminals impersonate vendors requesting fund transfers for payments to an account owned by cybercriminals.
- CEO Fraud: When a cybercriminal poses as the CEO or executive or an organization and asks employees to transfer money or send gift cards.
- Account Take Over When an employee’s account has been hacked and used to request payments using email contacts and sent from the legitimate email address. Then payments are sent to cybercriminal’s bank accounts instead of the actual vendor.
- Attorney Impersonation- Cybercriminals impersonating a lawyer asking for fraudulent requests to gather confidential information.
- Data Exfiltration – HR or Accounts Payable Employees are targeted to obtain personally identifiable information (PII) or tax statements of employees and executives to use in future attacks.
SlashNext Blog | Business Emai Compromise BEC
Today, while man-in-the-middle (MiTM) attacks are still a big concern, the security endpoint has changed to the browser, creating a MiTB phishing threat that poses real danger.
It’s Time to Get Started with SlashNext
Learn how to leverage the industry’s best zero-hour phishing protection and IR solutions in your environment.