What is Business Email Compromise (BEC)?
Business Email Compromise (BEC) – also referred to as a man-in-the-email attack – occurs when a hacker impersonates an executive, sending emails as the executive to trick employees into transferring funds, sending sensitive data, or opening a malicious attachment. These attacks can use compromised internal addresses or addresses that look similar to those within the network.
How to Recognize This Threat: Employees should be suspicious of emails asking for the transfer of funds or data outside of normal operating procedure, as well as any inconsistency in language. In these scams, hackers typically do extensive research into their targets, but they are still likely to miss a key detail or two.
How to Prevent This Threat: Well-trained employees with well-established procedures should know not to jump at these suspicious messages. Robust email security should be in place to protect your network. It can even be configured to flag emails with keywords like “transfer,” “payment,” etc. so that they receive extra attention.