BEC in 60sec - Business email compromise
In this video, we’ll provide an in-depth explanation on business email compromise. Learn more about BEC here:
- What is the goal of business email compromise: https://egress.co/uepLI
- Three examples of business email compromise: https://egress.co/uepLJ
- Things to do after a BEC attack: https://egress.co/uepLM
Business email compromise, or 'BEC', presents a growing problem for organisations of all sizes. In fact, over 6,000 businesses are targeted each month, making the UK the second most targeted region (26%) after the US (39%). That's why you and your colleagues should be aware of the tell-tale signs of a BEC attack and what you can do to avoid falling prey to phishing attempts.
Do you have any questions about business email compromise?
Let us know in the comments section below!
Egress is a cybersecurity company dedicated to helping organizations secure their data inbound & outbound. Learn more about Egress at https://www.egress.com/
- Read more about best practices on BEC & other ways of phishing with our Ultimate guide & our topic hub:
Subscribe to our YouTube channel: https://www.youtube.com/c/EgressSoftwareTechnologies for more videos about Phishing.
Business email compromise explained in 60 seconds
Business email compromise, or BEC, is a type of email impersonation attack.
In a BEC attack, cybercriminals pose as a trusted source, such as one of your senior executives or vendors.
They’ll then attempt to defraud the business with a fraudulent invoice or payment request or ask their victim to reveal sensitive information.
Cybercriminals carefully research their targets to make the attack convincing. They’ll then use a spoofed email address or a compromised account to send their attack.
BEC relies on tricking employees with text-based emails rather than malicious links or malware and can also involve sophisticated social engineering.
This makes it very hard for traditional email security to detect BEC attacks.
That’s why organizations need to defend themselves with intelligent anti-phishing software that analyzes both the content and context of emails.