In a business email compromise (BEC) attack, an attacker will take control of someone's email account, either by purchasing the login credentials on the dark web, cracking the password, or phishing the information. The attacker will use this account to begin sending emails to individuals on the accounts contact list. These emails might contain links that will spread malware when clicked. Other times the emails contain requests for payment. This is particularly concerning because users are highly likely to click a link or trust a request that they think was sent to them by a friend or coworker.
Business email compromise is a social engineering tactic that is frequently being deployed due to its high success rate.Learn the signs and don't fall victim to this popular social engineering tactic. While BEC attacks can play out in many different ways, here's how a typical BEC attack unfolds:
If an attacker compromises a CEO's email account then they will often send emails to the finance department directing them to make an urgent money transfer to a specific bank account. These attacks are often successful by instilling a sense of urgency in the recipient so that they don't think twice about what they're doing.
Put a stop to this fraud with email security and impersonation protection as well as user awareness training. Book a virtual meeting with one of our technology experts to learn how we can protect your organization.