What is Business Email Compromise (BEC)?

Business email compromise (BEC), sometimes known as email account compromise (EAC), is one of the most financially damaging online crimes, and also one of the most common. It exploits the fact that so many of us rely on email to conduct business, both personal and professional.

In a BEC scam, criminals send an email message that appears to come from a known source making a legitimate request, like in these examples:

How do Business Email Compromise scams work?

  1. Spoof an email account or website. Slight variations on legitimate addresses ([email protected] vs. [email protected]) fool victims into thinking fake accounts are authentic.
  2. Send spearphishing emails. These messages look like they’re from a trusted sender to trick victims into revealing confidential information. That information lets criminals access company accounts, calendars, and data that give them the details they need to carry out the BEC schemes.
  3. Use malware. Malicious software can infiltrate company networks and gain access to legitimate email threads about billing and invoices. That information is used to time requests or send messages so accountants or financial officers don’t question payment requests. Malware also lets criminals gain undetected access to a victim’s data, including passwords and financial account information.
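
The slight address variations described in step 1 can be caught mechanically before a payment request is acted on. The following is an added example, not part of the original page: it flags a From address that nearly matches, but does not equal, a known correspondent. The sender list, the look-alike character table and the distance threshold are assumptions chosen for illustration.

```python
from email.utils import parseaddr

# Constructed sample data (assumption): correspondents this mailbox already trusts.
KNOWN_SENDERS = {"john.kelly@example.com", "accounts@example.com"}

# Illustrative, non-exhaustive look-alike substitutions folded before comparing.
CONFUSABLES = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"))


def skeleton(addr: str) -> str:
    """Lower-case an address and fold look-alike sequences to one form."""
    addr = addr.lower()
    for fake, real in CONFUSABLES:
        addr = addr.replace(fake, real)
    return addr


def edit_distance(a: str, b: str) -> int:
    """Optimal string alignment: insert, delete, substitute, adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if prev2 is not None and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def classify(from_header: str, max_distance: int = 2):
    """Return (verdict, nearest known address or None) for a From: value."""
    _, addr = parseaddr(from_header)
    addr = addr.lower()
    if addr in KNOWN_SENDERS:
        return "known", addr
    for known in sorted(KNOWN_SENDERS):
        if edit_distance(skeleton(addr), skeleton(known)) <= max_distance:
            return "lookalike", known  # near miss: hold for manual verification
    return "unknown", None


if __name__ == "__main__":
    for header in ("John Kelly <john.kelly@example.com>",
                   "John Kelly <john.kelley@example.com>",
                   "Accounts <accounts@exarnple.com>",
                   "news@unrelated.test"):
        print(header, "->", classify(header))
```

A "lookalike" verdict is a prompt to confirm the request through a separate channel, since a genuinely new colleague with a similar name would be flagged the same way.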

How to Protect Yourself

