What is Business Email Compromise?
Business Email Compromise (BEC) refers to fraudulent emails in which cybercriminals impersonate another party or person in order to scam or defraud a company, its employees, clients and others.
Unlike traditional phishing scams, BEC attacks are tailored to their specific victims. To carry out an attack, perpetrators either gain unauthorised access to a legitimate email account or create a spoof account with an almost identical corporate email address to prey on unsuspecting victims.
For example, for the email address johndoe@DOE.com, cybercriminals would create a similar email address such as johndoe@D0E.com. In this example, the letter O is replaced with the number 0. Victims who don’t notice this tiny but important difference simply continue to correspond as if nothing were wrong. This method is called domain spoofing, but other tactics and social engineering methods are also used in BEC attacks.
Once they have chosen the email address they think will work on their victim(s) based on prior research, BEC attackers will often come up with a convincing scenario to trick the victim into transferring money or making a payment to an account the attackers control.
They could, for example, send a supplier a payment request with a false invoice attached, or pose as a high-ranking business executive and trick employees in finance into transferring money into the attacker's account. Besides money, cybercriminals may also attempt to steal valuable trade secrets or information through BEC.
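The two impersonation patterns described above, a look-alike domain (DOE.com versus D0E.com) and a familiar executive name on an unrelated mailbox, can both be caught with a simple check on the From header. The following is an added illustration, not code from the original article; the allowlisted domain, the known-person table and the sample headers are constructed for the example.

```python
import re
from difflib import SequenceMatcher

# Constructed for this example: the organisation's own domain and a few
# high-value people whose names attackers like to borrow in the From header.
TRUSTED_DOMAINS = {"doe.com"}
KNOWN_PEOPLE = {"john doe": "doe.com"}

# Glyphs commonly substituted in look-alike domains (0 for O, 1 for l, rn for m ...)
# mapped to the character they imitate. Both sides are normalised, so a legitimate
# domain that happens to contain "rn" still compares equal to itself.
CONFUSABLES = {"0": "o", "1": "l", "3": "e", "5": "s", "rn": "m", "vv": "w"}

def skeleton(domain: str) -> str:
    """Collapse a domain to a form in which confusable glyphs are unified."""
    d = domain.lower()
    for fake, real in CONFUSABLES.items():
        d = d.replace(fake, real)
    return d

def parse_from(from_header: str):
    """Return (display_name, domain) from a From: header value."""
    m = re.match(r'\s*"?([^"<]*?)"?\s*<?([^<>\s]+@([A-Za-z0-9.-]+))>?\s*$', from_header)
    if not m:
        return "", ""
    return m.group(1).strip().lower(), m.group(3).lower()

def classify_sender(from_header: str) -> str:
    """Label a From: header as trusted, lookalike, similar, impersonation or external."""
    name, domain = parse_from(from_header)
    if domain in TRUSTED_DOMAINS:
        return "trusted"
    for trusted in TRUSTED_DOMAINS:
        # Exact match once confusables are unified: the D0E.com / DOE.com case.
        if skeleton(domain) == skeleton(trusted):
            return f"lookalike:{trusted}"
        # Near miss by string similarity: catches doe.co style registrations.
        if SequenceMatcher(None, domain, trusted).ratio() >= 0.85:
            return f"similar:{trusted}"
    # A known executive's name on a mailbox outside their real domain.
    if name in KNOWN_PEOPLE and domain != KNOWN_PEOPLE[name]:
        return "display-name-impersonation"
    return "external"

if __name__ == "__main__":
    # Constructed sample headers, not taken from real traffic.
    for hdr in ["John Doe <johndoe@DOE.com>", "John Doe <johndoe@D0E.com>",
                "Accounts <billing@doe.co>",
                '"John Doe" <john.doe.ceo@freemail.example>',
                "Vendor <sales@example.org>"]:
        print(f"{classify_sender(hdr):<28} {hdr}")
```

Anything other than "trusted" or "external" is worth a warning banner or a hold before a payment instruction is acted on; the similarity threshold is a tuning choice and will need adjusting for short domain names.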
The more time attackers spend researching an organisation and getting to know its people and processes, the more convincing they can make their BEC campaigns.