{"id":11305,"date":"2024-06-19T15:09:09","date_gmt":"2024-06-19T09:39:09","guid":{"rendered":"https:\/\/threatcop.com\/blog\/?p=11305"},"modified":"2024-06-19T15:24:25","modified_gmt":"2024-06-19T09:54:25","slug":"email-compromise-tops-in-the-threat-landscape","status":"publish","type":"post","link":"https:\/\/threatcop.com\/blog\/email-compromise-tops-in-the-threat-landscape\/","title":{"rendered":"Email Compromise Tops in the Threat Landscape"},"content":{"rendered":"<p style=\"text-align: justify;\"><span style=\"color: #000000;\">Email is the playground for cybercriminals and Business Email Compromise (BEC) is still the top threat. According to the FBI\u2019s Internet Crime Complaint Center (IC3), BEC attacks accounted for over $4.3 billion in losses reported to the agency in 2023. This staggering figure highlights the continued dominance of BEC scams as a major cyber threat. This blog post draws insights from new research by Kroll which explores the prevalence of BEC attacks.<\/span><\/p><div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 ez-toc-wrap-center counter-hierarchy ez-toc-counter ez-toc-light-blue ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #414141;color:#414141\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #414141;color:#414141\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/threatcop.com\/blog\/email-compromise-tops-in-the-threat-landscape\/#What_is_a_BEC_Attack_and_How_Does_it_Work\" >What is a BEC Attack and How Does it Work?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/threatcop.com\/blog\/email-compromise-tops-in-the-threat-landscape\/#Email_Compromise_Continues_to_Dominate_as_Top_Threat\" >Email Compromise Continues to Dominate as Top Threat\u00a0<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/threatcop.com\/blog\/email-compromise-tops-in-the-threat-landscape\/#Why_Hackers_Succeed_and_How_to_Stop_Them\" >Why Hackers Succeed and How to Stop Them<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/threatcop.com\/blog\/email-compromise-tops-in-the-threat-landscape\/#How_Threatcop_DMARC_Can_Help_to_Stop_BEC_Attacks\" >How Threatcop DMARC Can Help to Stop BEC Attacks?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/threatcop.com\/blog\/email-compromise-tops-in-the-threat-landscape\/#Securing_Your_Business_with_Threatcop_DMARC\" >Securing Your Business with Threatcop DMARC<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/threatcop.com\/blog\/email-compromise-tops-in-the-threat-landscape\/#Benefits_of_TDMARC\" >Benefits of TDMARC<\/a><\/li><\/ul><\/nav><\/div>\n\n\n<style type=\"text\/css\">\n      @media print, screen and (max-width: 63.99875em){\n      .tnp-submit\n      width: 48%;\n      }\n      .wp-block-tnp-minimal{\n      padding: 20px;\n      }\n      .blog_para\n      margin-top: 4px !important;\n      line-height: 25px !important;\n      font-size: 15px !important;\n      }\n\n      }\n      .blog_para{\n      font-family: jost,sans-serif;\n      margin-top: 14px;\n      margin-bottom: 30px;\n      color: #fff;\n      font-size: 15px !important;\n      color: black !important;\n\n      }\n\n      .wp-block-tnp-minimal{\n      padding:20px;\n      border: 1px solid grey;\n      }\n\n      .tnp-submit a{\n        background: #1d58c7!important;\n    border-radius: 5px!important;\n    text-transform: inherit!important;\n    padding: 8px 25px!important;\n    font-weight: 600!important;\n    color: #fff!important;\n    width: 30%!important;\n    border: none;\n      }\n\n      .blog_get{\n      font-size: 24px !important;\n      font-weight: 700;\n      padding-bottom: 0px;\n    font-family: 'Poppins' !important;\n      margin-bottom: 0px;\n      margin-top: 0px;\n      margin-bottom: 0px !important;\n      color: white;\n          line-height: 30px;\n          color: white;\n      }\n      .row{\n             display: flex;\n    flex-wrap: wrap;\n    flex-direction: row;\n    padding: 25px 0px 25px 36px;\n    align-items: center;\n\n      }\n\n.colLeft{\n         flex-basis:50%;\n    -webkit-box-flex: 0;\n    flex-grow: 0;\n    max-width: 50%;\n    color: white;\n}\n    \n .colRight{\n       flex-basis: 45%;\n    -webkit-box-flex: 0;\n    flex-grow: 0;\n    max-width: 50%;\n }\n\n.tnp-subscription-minimal{\n    float: right;\n}\n<\/style>\n<div style=\"max-width: 741px; margin: 0 auto; background-image: url('https:\/\/awareness.threatcop.ai\/marketing\/linkedinlowerbanner.webp'); background-repeat: no-repeat; background-size: cover; background-position: center; \">\n<div class=\"row\">\n<div class=\"colLeft\">\n<p class=\"blog_get\" style=\"font-family: 'Poppins' !important; color: white !important\">Subscribe to Our Newsletter On Linkedin<\/p>\n<p class=\"blog_para\" style=\"font-size: 16px;font-family: 'Poppins' !important; color: white !important; margin-top: 10px; margin-bottom: 28px;line-height: 25px;\">Sign up to Stay Tuned with the Latest Cyber Security News and Updates<\/p>\n\n<div>\n<div class=\"tnp\" style=\"margin-bottom: 10px;\">\n            <form action=\"https:\/\/threatcop.com\/newsletter-thank-you\" method=\"get\" target=\"_blank\">\n<div class=\"tnp-submit\">\n                  <a class=\"libutton\" href=\"https:\/\/www.linkedin.com\/build-relation\/newsletter-follow?entityUrn=7062043746430783488\" target=\"_blank\" rel=\"noopener\">Subscribe<\/a><\/div>\n<\/form><\/div>\n<\/div>\n<\/div>\n<div class=\"colRight\">\n<div>\n<div class=\"tnp tnp-subscription-minimal \">\n            <img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/marketing\/newsletter-icon.webp\" class=\"img-fluid\"><\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n\n<h2 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"What_is_a_BEC_Attack_and_How_Does_it_Work\"><\/span><span style=\"font-weight: 400;\">What is a BEC Attack and How Does it Work?<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400; color: #000000;\">Business Email Compromise (BEC) is a sneaky cybercrime where attackers pretend to be someone you trust within your organization to get you to send money or sensitive info. Imagine a scammer posing as your CEO asking for an urgent wire transfer to a new vendor \u2013 that\u2019s BEC.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400; color: #000000;\">Here\u2019s how BEC attacks work:<\/span><\/p>\n<ol>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"color: #000000;\"><b>Reconnaissance<\/b><span style=\"font-weight: 400;\">: Attackers gather info about your organization through social media or data breaches.<\/span><\/span><\/li>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"font-weight: 400; color: #000000;\"><strong>Impersonation:<\/strong> They spoof the email of someone you trust, like a CEO, colleague or vendor.<\/span><\/li>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"font-weight: 400; color: #000000;\"><strong>Urgency &amp; Deception:<\/strong> The email creates urgency or leverages a trusted relationship to get you to take action. This could be an urgent wire transfer, change to payment instructions for an existing vendor, or sharing of sensitive data.<\/span><\/li>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"font-weight: 400; color: #000000;\"><strong>Financial Gain<\/strong>: The victim believes the email is legit and sends money or info directly to the attacker.<\/span><\/li>\n<\/ol>\n<figure id=\"attachment_11306\" aria-describedby=\"caption-attachment-11306\" style=\"width: 1189px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-11306 size-full\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2024\/06\/how-a-typical-bec-attack-works2.jpg\" alt=\"\" width=\"1189\" height=\"370\" \/><figcaption id=\"caption-attachment-11306\" class=\"wp-caption-text\">(Source: CISCO)<\/figcaption><\/figure>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\"><b>Types of BEC Attacks:<\/b><\/span><\/p>\n<ul>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"color: #000000;\"><b>CEO Fraud:<\/b><span style=\"font-weight: 400;\"> Attackers pretend to be the CEO and email finance department employees to request wire transfers or changes to payment terms for existing vendors.<\/span><\/span><\/li>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"color: #000000;\"><b>Vendor Email Fraud:<\/b><span style=\"font-weight: 400;\"> Attackers pretend to be a vendor and email accounts payable to pay fake invoices or change payment details for existing vendors.<\/span><\/span><\/li>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"color: #000000;\"><b>Account Takeover (ATO) Fraud: <\/b><span style=\"font-weight: 400;\">Attackers compromise a company email account and use it to launch BEC attacks from inside the organization. This could be an employee, vendor, or client account.<\/span><\/span><\/li>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"color: #000000;\"><b>Attorney Impersonation:<\/b><span style=\"font-weight: 400;\"> Attackers pretend to be a lawyer or attorney working with the company and target HR or legal to request employee data or wire transfers.<\/span><\/span><\/li>\n<li style=\"font-weight: 400; text-align: justify;\" aria-level=\"1\"><span style=\"color: #000000;\"><b>W-2 Email Phishing:<\/b><span style=\"font-weight: 400;\"> This scam targets employees during tax season. Attackers pretend to be HR or the payroll company and ask employees to update W-2 tax forms, and employees give up their Social Security numbers.<\/span><\/span><\/li>\n<\/ul>\n<figure id=\"attachment_11307\" aria-describedby=\"caption-attachment-11307\" style=\"width: 1238px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-11307 size-full\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2024\/06\/different-types-of-bec-attacks.jpg\" alt=\"\" width=\"1238\" height=\"523\" \/><figcaption id=\"caption-attachment-11307\" class=\"wp-caption-text\">(Source: CISCO)<\/figcaption><\/figure>\n<h2><span class=\"ez-toc-section\" id=\"Email_Compromise_Continues_to_Dominate_as_Top_Threat\"><\/span><span style=\"font-weight: 400;\">Email Compromise Continues to Dominate as Top Threat\u00a0<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"font-weight: 400; color: #000000;\">Kroll&#8217;s <strong><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/www.kroll.com\/en\/insights\/publications\/cyber\/threat-intelligence-reports\/q1-2024-threat-landscape-report-insider-threat-phishing-evolve-under-ai\">Q1 2024 Cyber Threat Landscape Report<\/a><\/span><\/strong> paints a concerning picture: email compromise attacks are steadily increasing. Their data, spanning the past three quarters, reveals a consistent upward trend in this malicious activity.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400; color: #000000;\">This research goes beyond just identifying the rise of email compromise. Kroll&#8217;s commentary sheds light on the evolving tactics of attackers. They highlight the shift beyond traditional email phishing, noting an increase in the popularity of methods like &#8220;SMS lures&#8221; and &#8220;voice phishing&#8221; (vishing). This aligns with observations of increasing smishing attacks, further validating Kroll&#8217;s insights into the current threat landscape.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400; color: #000000;\">Kroll&#8217;s research serves as a wake-up call for organizations. The evolving tactics employed by attackers signify their constant evaluation of what works and what doesn&#8217;t. They adapt their methods to maximize the chances of compromising an email account.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400; color: #000000;\">However, Kroll leaves us with hope. Their research emphasizes the critical role of security awareness training. By educating users to be vigilant and identify suspicious attempts to steal credentials, organizations can significantly reduce the risk of falling victim to these attacks.<\/span><\/p>\n<figure id=\"attachment_11313\" aria-describedby=\"caption-attachment-11313\" style=\"width: 1656px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-11313 size-full\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2024\/06\/threat-incident.jpg\" alt=\"\" width=\"1656\" height=\"1000\" \/><figcaption id=\"caption-attachment-11313\" class=\"wp-caption-text\">(Source: Kroll)<\/figcaption><\/figure>\n<h2><span class=\"ez-toc-section\" id=\"Why_Hackers_Succeed_and_How_to_Stop_Them\"><\/span><strong>Why Hackers Succeed and How to Stop Them<\/strong><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400; color: #000000;\">Email compromise attacks succeed because of one thing: human error. Hackers target users who aren\u2019t paying attention and unwittingly give up their credentials. That\u2019s where security awareness training comes in as a hero.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\"><b>Understanding the Vulnerability:<\/b><\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400; color: #000000;\">Think of a hacker as a magician. Their trickery relies on misdirection and exploiting your blind spots. In the digital world, those blind spots are users who miss red flags in an email or overlook suspicious bits. A well-crafted phishing email can look legit, especially when it uses urgency or impersonation.<\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"color: #000000;\"><b>The Power of Awareness<\/b><\/span><\/p>\n<p style=\"text-align: justify;\"><span style=\"font-weight: 400; color: #000000;\">This is where security awareness training comes in. By training employees, you turn them into cybersecurity detectives. Training teaches them to look out for the telltale signs of phishing, including:<\/span><\/p>\n<ul style=\"text-align: justify;\">\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400; color: #000000;\">Spoofed senders: Is the email from someone you know, but the address is slightly different?<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400; color: #000000;\">Urgency tricks: Is the email asking you to act now without verification?<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400; color: #000000;\">Weird attachments or links: Are you being asked to click a link or download an attachment from someone you don\u2019t know?<\/span><\/li>\n<\/ul>\n<h2 style=\"text-align: justify;\"><span class=\"ez-toc-section\" id=\"How_Threatcop_DMARC_Can_Help_to_Stop_BEC_Attacks\"><\/span><span style=\"color: #000000;\">How Threatcop DMARC Can Help to Stop BEC Attacks?<\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p><span style=\"color: #000000;\">Protecting your business from BEC attacks requires a layered approach. Threatcop DMARC (TDMARC) is the solution. It gives you email authentication, domain monitoring, and anti-spoofing. That means blocking company impersonation, supplier impersonation, lookalike domains, domain spoofing, display name spoofing, and even supplier impersonation domains.<\/span><\/p>\n<h2 data-sourcepos=\"12:1-12:47\"><span class=\"ez-toc-section\" id=\"Securing_Your_Business_with_Threatcop_DMARC\"><\/span>Securing Your Business with Threatcop DMARC<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p data-sourcepos=\"14:1-14:59\"><span style=\"color: #000000;\">Threatcop DMARC (TDMARC) is a powerful tool that helps you:<\/span><\/p>\n<ul data-sourcepos=\"16:1-19:0\">\n<li data-sourcepos=\"16:1-16:102\"><span style=\"color: #000000;\"><strong>Spot Fake Emails:<\/strong> It identifies emails that try to impersonate your company or your suppliers.<\/span><\/li>\n<li data-sourcepos=\"17:1-17:101\"><span style=\"color: #000000;\"><strong>Stop Spoofing:<\/strong> It makes it much harder for scammers to spoof your email address or domain name.<\/span><\/li>\n<li data-sourcepos=\"18:1-19:0\"><span style=\"color: #000000;\"><strong>Stay Compliant:<\/strong> It ensures your email authentication is set up according to industry standards (SPF, DKIM, and DMARC).<\/span><\/li>\n<\/ul>\n<h2 data-sourcepos=\"20:1-20:22\"><span class=\"ez-toc-section\" id=\"Benefits_of_TDMARC\"><\/span>Benefits of TDMARC<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<ul data-sourcepos=\"22:1-27:0\">\n<li data-sourcepos=\"22:1-22:87\"><span style=\"color: #000000;\"><strong>See Who&#8217;s Risky:<\/strong> Identify suppliers most likely to be impersonated in an attack.<\/span><\/li>\n<li data-sourcepos=\"23:1-23:124\"><span style=\"color: #000000;\"><strong>Deep Email Analysis:<\/strong> Analyze various aspects of emails, like sender IP, location, and even the content of the message.<\/span><\/li>\n<li data-sourcepos=\"24:1-24:90\"><span style=\"color: #000000;\"><strong>Find Fake Websites:<\/strong> Uncover websites designed to look like yours or your partners&#8217;.<\/span><\/li>\n<li data-sourcepos=\"25:1-25:94\"><span style=\"color: #000000;\"><strong>Control Your Display Name:<\/strong> Choose how email senders using your domain appear in inboxes.<\/span><\/li>\n<li data-sourcepos=\"26:1-27:0\"><span style=\"color: #000000;\"><strong>Easy BIMI Setup:<\/strong> Simplify the creation and validation of BIMI records, which helps display your company logo next to your emails in some inboxes.<\/span><\/li>\n<\/ul>\n<p><span style=\"color: #000000;\">TDMARC keeps you compliant with email authentication standards (SPF, DKIM, DMARC) and gives you visibility. It shows you high-risk suppliers, analyzes email content for malicious intent and finds fake websites that trick employees. With TDMARC, you can also control how email senders using your domain look.<\/span><\/p>\n<p>\u00a0<\/p>\n<p>\u00a0<\/p>","protected":false},"excerpt":{"rendered":"<p>Email is the playground for cybercriminals and Business Email Compromise (BEC) is still the top threat. According to the FBI\u2019s Internet Crime Complaint Center (IC3), BEC attacks accounted for over $4.3 billion in losses reported to the agency in 2023. This staggering figure highlights the continued dominance of BEC scams as a major cyber threat. [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":11320,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-11305","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-people-security-insights"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Email Compromise Tops in the Threat Landscape | Threatcop<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/threatcop.com\/blog\/email-compromise-tops-in-the-threat-landscape\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Email Compromise Tops in the Threat Landscape | Threatcop\" \/>\n<meta property=\"og:description\" content=\"Email is the playground for cybercriminals and Business Email Compromise (BEC) is still the top threat. According to the FBI\u2019s Internet Crime Complaint Center (IC3), BEC attacks accounted for over $4.3 billion in losses reported to the agency in 2023. This staggering figure highlights the continued dominance of BEC scams as a major cyber threat. [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/threatcop.com\/blog\/email-compromise-tops-in-the-threat-landscape\/\" \/>\n<meta property=\"og:site_name\" content=\"Threatcop\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/\" \/>\n<meta property=\"article:published_time\" content=\"2024-06-19T09:39:09+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-06-19T09:54:25+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2024\/06\/www.threatcop.com-2.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"2048\" \/>\n\t<meta property=\"og:image:height\" content=\"1169\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ritu Yadav\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatcop\" \/>\n<meta name=\"twitter:site\" content=\"@threatcop\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ritu Yadav\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/email-compromise-tops-in-the-threat-landscape\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/email-compromise-tops-in-the-threat-landscape\\\/\"},\"author\":{\"name\":\"Ritu Yadav\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/person\\\/22d5f1d29bffa611a2e16b7e46659bce\"},\"headline\":\"Email Compromise Tops in the Threat Landscape\",\"datePublished\":\"2024-06-19T09:39:09+00:00\",\"dateModified\":\"2024-06-19T09:54:25+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/email-compromise-tops-in-the-threat-landscape\\\/\"},\"wordCount\":1008,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/email-compromise-tops-in-the-threat-landscape\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/06\\\/www.threatcop.com-2.jpg\",\"articleSection\":[\"People Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/threatcop.com\\\/blog\\\/email-compromise-tops-in-the-threat-landscape\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/email-compromise-tops-in-the-threat-landscape\\\/\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/email-compromise-tops-in-the-threat-landscape\\\/\",\"name\":\"Email Compromise Tops in the Threat Landscape | Threatcop\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/email-compromise-tops-in-the-threat-landscape\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/email-compromise-tops-in-the-threat-landscape\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/06\\\/www.threatcop.com-2.jpg\",\"datePublished\":\"2024-06-19T09:39:09+00:00\",\"dateModified\":\"2024-06-19T09:54:25+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/email-compromise-tops-in-the-threat-landscape\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/threatcop.com\\\/blog\\\/email-compromise-tops-in-the-threat-landscape\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/email-compromise-tops-in-the-threat-landscape\\\/#primaryimage\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/06\\\/www.threatcop.com-2.jpg\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/06\\\/www.threatcop.com-2.jpg\",\"width\":2048,\"height\":1169},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/email-compromise-tops-in-the-threat-landscape\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Email Compromise Tops in the Threat Landscape\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\",\"name\":\"Threatcop\",\"description\":\"Cybersecurity Blogs, News, Updates, and Articles\",\"publisher\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\",\"name\":\"Threatcop\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/cropped-original-logo-TC.png\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/03\\\/cropped-original-logo-TC.png\",\"width\":951,\"height\":228,\"caption\":\"Threatcop\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/people\\\/Threatcop\\\/100083109892339\\\/\",\"https:\\\/\\\/x.com\\\/threatcop\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/threatcop\\\/\",\"https:\\\/\\\/www.instagram.com\\\/threatcop_official\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/person\\\/22d5f1d29bffa611a2e16b7e46659bce\",\"name\":\"Ritu Yadav\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/Ritu-edited.jpg\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/Ritu-edited.jpg\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/11\\\/Ritu-edited.jpg\",\"caption\":\"Ritu Yadav\"},\"description\":\"Technical Content Writer at Threatcop Ritu Yadav is a seasoned Technical Content Writer at Threatcop, leveraging her extensive experience as a former journalist with leading media organizations. Her expertise bridges the worlds of in-depth research on cybersecurity, delivering informative and engaging content.\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Email Compromise Tops in the Threat Landscape | Threatcop","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/threatcop.com\/blog\/email-compromise-tops-in-the-threat-landscape\/","og_locale":"en_US","og_type":"article","og_title":"Email Compromise Tops in the Threat Landscape | Threatcop","og_description":"Email is the playground for cybercriminals and Business Email Compromise (BEC) is still the top threat. According to the FBI\u2019s Internet Crime Complaint Center (IC3), BEC attacks accounted for over $4.3 billion in losses reported to the agency in 2023. This staggering figure highlights the continued dominance of BEC scams as a major cyber threat. [&hellip;]","og_url":"https:\/\/threatcop.com\/blog\/email-compromise-tops-in-the-threat-landscape\/","og_site_name":"Threatcop","article_publisher":"https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/","article_published_time":"2024-06-19T09:39:09+00:00","article_modified_time":"2024-06-19T09:54:25+00:00","og_image":[{"width":2048,"height":1169,"url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2024\/06\/www.threatcop.com-2.jpg","type":"image\/jpeg"}],"author":"Ritu Yadav","twitter_card":"summary_large_image","twitter_creator":"@threatcop","twitter_site":"@threatcop","twitter_misc":{"Written by":"Ritu Yadav","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/threatcop.com\/blog\/email-compromise-tops-in-the-threat-landscape\/#article","isPartOf":{"@id":"https:\/\/threatcop.com\/blog\/email-compromise-tops-in-the-threat-landscape\/"},"author":{"name":"Ritu Yadav","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/person\/22d5f1d29bffa611a2e16b7e46659bce"},"headline":"Email Compromise Tops in the Threat Landscape","datePublished":"2024-06-19T09:39:09+00:00","dateModified":"2024-06-19T09:54:25+00:00","mainEntityOfPage":{"@id":"https:\/\/threatcop.com\/blog\/email-compromise-tops-in-the-threat-landscape\/"},"wordCount":1008,"commentCount":0,"publisher":{"@id":"https:\/\/threatcop.com\/blog\/#organization"},"image":{"@id":"https:\/\/threatcop.com\/blog\/email-compromise-tops-in-the-threat-landscape\/#primaryimage"},"thumbnailUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2024\/06\/www.threatcop.com-2.jpg","articleSection":["People Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/threatcop.com\/blog\/email-compromise-tops-in-the-threat-landscape\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/threatcop.com\/blog\/email-compromise-tops-in-the-threat-landscape\/","url":"https:\/\/threatcop.com\/blog\/email-compromise-tops-in-the-threat-landscape\/","name":"Email Compromise Tops in the Threat Landscape | Threatcop","isPartOf":{"@id":"https:\/\/threatcop.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/threatcop.com\/blog\/email-compromise-tops-in-the-threat-landscape\/#primaryimage"},"image":{"@id":"https:\/\/threatcop.com\/blog\/email-compromise-tops-in-the-threat-landscape\/#primaryimage"},"thumbnailUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2024\/06\/www.threatcop.com-2.jpg","datePublished":"2024-06-19T09:39:09+00:00","dateModified":"2024-06-19T09:54:25+00:00","breadcrumb":{"@id":"https:\/\/threatcop.com\/blog\/email-compromise-tops-in-the-threat-landscape\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/threatcop.com\/blog\/email-compromise-tops-in-the-threat-landscape\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/email-compromise-tops-in-the-threat-landscape\/#primaryimage","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2024\/06\/www.threatcop.com-2.jpg","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2024\/06\/www.threatcop.com-2.jpg","width":2048,"height":1169},{"@type":"BreadcrumbList","@id":"https:\/\/threatcop.com\/blog\/email-compromise-tops-in-the-threat-landscape\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/threatcop.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Email Compromise Tops in the Threat Landscape"}]},{"@type":"WebSite","@id":"https:\/\/threatcop.com\/blog\/#website","url":"https:\/\/threatcop.com\/blog\/","name":"Threatcop","description":"Cybersecurity Blogs, News, Updates, and Articles","publisher":{"@id":"https:\/\/threatcop.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/threatcop.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/threatcop.com\/blog\/#organization","name":"Threatcop","url":"https:\/\/threatcop.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2022\/03\/cropped-original-logo-TC.png","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2022\/03\/cropped-original-logo-TC.png","width":951,"height":228,"caption":"Threatcop"},"image":{"@id":"https:\/\/threatcop.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/","https:\/\/x.com\/threatcop","https:\/\/www.linkedin.com\/company\/threatcop\/","https:\/\/www.instagram.com\/threatcop_official\/"]},{"@type":"Person","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/person\/22d5f1d29bffa611a2e16b7e46659bce","name":"Ritu Yadav","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/11\/Ritu-edited.jpg","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/11\/Ritu-edited.jpg","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2023\/11\/Ritu-edited.jpg","caption":"Ritu Yadav"},"description":"Technical Content Writer at Threatcop Ritu Yadav is a seasoned Technical Content Writer at Threatcop, leveraging her extensive experience as a former journalist with leading media organizations. Her expertise bridges the worlds of in-depth research on cybersecurity, delivering informative and engaging content."}]}},"_links":{"self":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/11305","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/comments?post=11305"}],"version-history":[{"count":4,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/11305\/revisions"}],"predecessor-version":[{"id":11323,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/11305\/revisions\/11323"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/media\/11320"}],"wp:attachment":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/media?parent=11305"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/categories?post=11305"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/tags?post=11305"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}