Business Email Compromise (BEC)

Targets executives or finance teams with the intent to defraud companies.

Business email compromise (BEC) is a type of phishing scam targeting companies for financial gain. These scams typically target executive-level employees or individuals involved in finance that could request or initiate wire transfers or other types of money transfer scams. Cybercriminals sometimes spoof an email address with a similar name of an executive or a vendor familiar with the company. They can also employ spear phishing to access the email credentials of individuals in the organizations and send BEC attacks from compromised accounts. These spoofed or compromised emails are then used to request a fraudulent wire transfer. These BEC attacks lead to millions in losses to companies every year. 

BEC attacks often request for funds to be sent, or wire transferred to pay an invoice or for a service. The targets are often employees that have access to bank information, like accounts payable or finance.  

Mostly delivered through email, but cybercriminals are also having success with this type of scam through SMS text messaging. Some sample subject lines include urgent, request for payment, and transfer.

There are five categories of BEC scams

  • Fake Invoices- Companies with international vendors are often the target of these attacks, where cybercriminals impersonate vendors requesting fund transfers for payments to an account owned by cybercriminals. 
  • CEO Fraud: When a cybercriminal poses as the CEO or executive or an organization and asks employees to transfer money or send gift cards.
  • Account Take Over When an employee’s account has been hacked and used to request payments using email contacts and sent from the legitimate email address. Then payments are sent to cybercriminal’s bank accounts instead of the actual vendor.
  • Attorney Impersonation- Cybercriminals impersonating a lawyer asking for fraudulent requests to gather confidential information.
  • Data Exfiltration – HR or Accounts Payable Employees are targeted to obtain personally identifiable information (PII) or tax statements of employees and executives to use in future attacks.

SlashNext Blog | Business Emai Compromise BEC

Phishing Threats

Today, while man-in-the-middle (MiTM) attacks are still a big concern, the security endpoint has changed to the browser, creating a MiTB phishing threat that poses real danger.

In recent years phishing has become the number one threat action over malware. Recent workforce changes spurred by the pandemic has led to an exponential increase in phishing attacks.


Just how prevalent are these phishing callbacks and C2 infections? In every client install we perform – 100 percent! – we see C2 infections and callbacks. Are you compromised?

In 2020 phishing exploded as the world faced a 100-year pandemic and many people moved to remote working and learning, which changed the phishing threat landscape forever. 

It’s Time to Get Started with SlashNext

Learn how to leverage the industry’s best zero-hour phishing protection and IR solutions in your environment.

6701 Koll Center Parkway, Suite 250
Pleasanton CA 94566


Privacy Policy

© All Rights Reserved, SlashNext, Inc.

Close Menu

Ready to See SlashNext in Action?

Sign up for a demo today