{"id":2165,"date":"2022-04-25T17:42:55","date_gmt":"2022-04-25T12:12:55","guid":{"rendered":"https:\/\/kdmarc.com\/blog\/?p=2165"},"modified":"2026-03-10T13:21:10","modified_gmt":"2026-03-10T07:51:10","slug":"bec-attack","status":"publish","type":"post","link":"https:\/\/threatcop.com\/blog\/bec-attack\/","title":{"rendered":"What Is a Business Email Compromise (BEC) Attack?"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Nowadays, BEC attacks have become one of the most remunerative lines of business for malicious actors. Every day new BEC attack groups are being discovered. These attackers are targeting various firms across the globe to scam them out of massive sums of money. Currently, cybercriminals are making loads of money by actively using BEC attacks as their prime attack vector. Among all the cyber crimes reported, they are the costliest ones for organizations.&nbsp;<\/span><\/p>\n\n\n\n<p class=\"has-text-align-center wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">According to the FBI&#8217;s IC3, <\/span><b>BEC attacks have incurred losses of $1.8 billion in 2020<\/b><span style=\"font-weight: 400;\">.<\/span><\/span><\/p><div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 ez-toc-wrap-center counter-hierarchy ez-toc-counter ez-toc-light-blue ez-toc-container-direction\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<span class=\"ez-toc-title-toggle\"><a href=\"#\" class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" aria-label=\"Toggle Table of Content\"><span class=\"ez-toc-js-icon-con\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #414141;color:#414141\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #414141;color:#414141\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/span><\/a><\/span><\/div>\n<nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/threatcop.com\/blog\/bec-attack\/#What_is_BEC_Attack\" >What is BEC Attack?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/threatcop.com\/blog\/bec-attack\/#Types_of_BEC_Attacks\" >Types of BEC Attacks<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/threatcop.com\/blog\/bec-attack\/#Real-life_Examples_of_BEC_Attacks\" >Real-life Examples of BEC Attacks<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-4\" href=\"https:\/\/threatcop.com\/blog\/bec-attack\/#What_is_C-Suite_How_is_it_under_Threat\" >What is C-Suite? How is it under Threat?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-5\" href=\"https:\/\/threatcop.com\/blog\/bec-attack\/#How_Are_BEC_Attacks_Carried_Out\" >How Are BEC Attacks Carried Out?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-6\" href=\"https:\/\/threatcop.com\/blog\/bec-attack\/#Group_Mailboxes_Favourite_Target_for_BEC_Attacks\" >Group Mailboxes: Favourite Target for BEC Attacks<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-7\" href=\"https:\/\/threatcop.com\/blog\/bec-attack\/#Statistics_on_BEC_Attack\" >Statistics on BEC Attack<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-8\" href=\"https:\/\/threatcop.com\/blog\/bec-attack\/#How_to_Detect_Business_Email_Compromise_Attacks\" >How to Detect Business Email Compromise Attacks?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-9\" href=\"https:\/\/threatcop.com\/blog\/bec-attack\/#How_to_Protect_Your_Organization_from_BEC_Attacks\" >How to Protect Your Organization from BEC Attacks?<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-2'><a class=\"ez-toc-link ez-toc-heading-10\" href=\"https:\/\/threatcop.com\/blog\/bec-attack\/#How_can_TDMARC_Help\" >How can TDMARC Help?<\/a><\/li><\/ul><\/nav><\/div>\n\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"What_is_BEC_Attack\"><\/span><span style=\"color: #000000;\"><b>What is BEC Attack?<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">BEC attacks typically involve <\/span><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/kdmarc.com\/blog\/a-brief-introduction-of-email-spoofing\/\">email spoofing<\/a><\/span><span style=\"font-weight: 400; color: #000000;\">, spear phishing, or impersonation of business email addresses. In business email compromises, cybercriminals use those forged email addresses to trick employees into making payments or financial transactions to the threat actors\u2019 accounts. The BEC attackers are known for being master manipulators and fraudsters who employ social engineering tactics to gather intelligence about targets. Then, they use this intelligence to launch successful attacks.<\/span><\/p>\n\n\n<div class=\"wp-block-image wp-image-9965 size-full\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"728\" height=\"380\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2022\/04\/bec-attack.jpg\" alt=\"bec-attack\" class=\"wp-image-9965\"\/><figcaption class=\"wp-element-caption\"><span style=\"color: #000000;\">(Source: The Hacker News)<\/span><\/figcaption><\/figure>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">The primary objective of business email compromise is to extort money from the organizations. Malicious actors gather intelligence about the target organization and utilize reconnaissance strategies to comprehend how it carries out everyday business operations.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Fraudsters study the market and keep a close eye on technological developments, constantly looking for ways to improve their attack tactics. The transition to work from home culture has created a favorable ecosystem for threat actors, allowing them to land attacks more easily. For example, during the pandemic, cybercriminals often curated covid-themed phishing templates to trick unsuspecting employees.&nbsp;<\/span><\/p>\n\n\n\n<!DOCTYPE html>\n<html lang=\"en\">\n\n<head>\n    <meta charset=\"UTF-8\">\n    <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge\">\n    <meta name=\"viewport\" content=\"width=device-width, initial-scale=1.0\">\n    <title>Document<\/title>\n<\/head>\n\n<style>\n    .interestedBtn {\n        width: 80% !important;\n        box-sizing: border-box !important;\n        display: inline-block !important;\n        padding: 11px !important;\n        border: 1px !important;\n        border-color: #ddd !important;\n        margin-top: 10px !important;\n        background-color: #183e8b !important;\n        background-image: none !important;\n        text-shadow: none !important;\n        color: #fff !important;\n        font-size: 14px !important;\n        line-height: 20px !important;\n        border-radius: 5px !important;\n        margin: 0 !important;\n        cursor: pointer !important;\n        box-shadow: 0px 4.66px 22.99px 0px rgba(0, 0, 0, 0.10);;\n    }\n\n\n        .formSec .formSecTwo{\n            padding-top: 15px !important;\n            margin-bottom: 30px !important;\n        }\n\n\n    .tnp-email {\n        width: 80% !important;\n        box-sizing: border-box;\n        padding: 8px 10px;\n        display: inline-block;\n        border: 1px solid #ced4da;\n        background: #fff;\n        color: #000 !important;\n        font-size: 13px;\n        line-height: 20px;\n        border-radius: 2px;\n        padding-right: 30px;\n        margin-bottom: 0px;\n    }\n\n    .formSec {\n        border: 1px solid #ced4da;\n        float: left !important;\n        width: 55% !important;\n    }\n\n    .mainBox {\n       \/* border: 1px solid #183e8b;*\/\n         background: white;\n        max-width: 600px !important;\n        margin: 0 auto !important;\n        padding: 20px !important;\n        font-family: Arial, Helvetica, sans-serif !important;\n    }\n\n    .boxDiv {\n        display: flex !important;\n    }\n\n    .boxConsult {\n        float: left !important;\n        width: 45% !important;\n        padding: 10px !important;\n    }\n\n    .formSecTwo {\n        text-align:center !important;\n        width: 100% !important;\n    }\n\n    .formHeading {\n        font-family: Arial, Helvetica, sans-serif;\n        margin-top: 0px;\n        font-weight: 700;\n        line-height: 25px;\n        font-size: 18px !important;\n        \n       margin-bottom: 60px !important;\n       color: #000!important;\n          margin-top: 5px !important;\n    }\n\n    .fieldHeading {\n        margin: 0 !important;\n        font-size: 13px !important;\n        text-align: left !important;\n        margin: 0px 39px 2px 93px !important;\n        font-weight: 500 !important;\n    }\n\n    .image {\n        max-width:90% !important;\n        height: auto !important;\n    }\n\n     .email-icon {\n            position: absolute;\n            right: 50px;\n             top: 20px;\n            transform: translateY(-50%);\n            pointer-events: none; \n        }\n\n          .email-container{\n             position: relative;\n         \n        }\n       \n\n        .email-icon img{\n                 width: 15px;\n        }\n\n\n         input::placeholder {\n            color:#495057;\n        }\n\n\n     ::placeholder {\n        color: #495057;\n    }\n\n        ::-ms-input-placeholder { \n          color:#495057;\n        }\n\n\n        input:-webkit-autofill {\n            background-color: transparent !important;\n            -webkit-box-shadow: 0 0 0px 1000px white inset !important; \n            box-shadow: 0 0 0px 1000px white inset !important;\n            color: #495057 !important; \n        }\n\n        \n        input {\n            color:#495057 !important;\n        }\n\n\n    @media screen and (max-width: 480px) {\n        .boxDiv {\n            display: block !important;\n            padding: 15px !important;\n         \n        }\n\n        .image{\n        width: 80% !important;\n         margin-bottom: 14px;\n        }\n        .fieldHeading {\n            text-align: left !important;\n            margin: unset !important;\n        }\n\n        .boxConsult {\n            width: unset !important;\n            float: none !important;\n        }\n\n        .mainBox {\n            border: unset !important;\n        }\n\n        .formSec {\n            float: unset !important;\n            width: 100% !important;\n        }\n\n        .formSecTwo {\n            text-align: center !important;\n        }\n\n        .tnp-email {\n            width: 90% !important;\n        }\n\n        .formHeading {\n            margin-bottom: unset !important;\n        }\n\n         .email-icon {\n            position: absolute;\n            right: 25px;\n            top: 58%;\n            transform: translateY(-50%);\n            pointer-events: none; \/* Make sure the icon doesn't block clicking on the input *\/\n        }\n       \n        .email-container{\n             position: relative;\n        }\n\n    }\n<\/style>\n\n<body>\n\n    <div class=\"mainBox\" box-sizing:=\"\" border-box;=\"\">\n\n        <div class=\"boxDiv\">\n\n            <div class=\"boxConsult\">\n                <div>\n                    <h3 class=\"formHeading\" style=\" font-size: 16px !important;\">\n                        Book a Free Demo Call with Our People Security Expert<\/h3>\n                <\/div>\n                <img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/form.svg\" class=\"image\">\n            <\/div>\n\n            <div class=\"formSec\">\n                <div class=\" formSecTwo\">\n                    <h4 style=\"margin-top: 0; font-size: 16px !important;\">Enter your details<\/h4>\n                    <div class=\"tnp tnp-subscription-minimal\">\n                        <form action=\"https:\/\/threatcop.com\/thankyou-blog\" method=\"get\" target=\"_blank\">\n                            <div class=\"email-container\" style=\"margin-bottom:20px;\">\n\n                                <input class=\"tnp-email\" type=\"text\" required=\"\" name=\"FullName\" value=\"\"\n                                    placeholder=\"Full Name\">\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon01.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n\n                            <div class=\"email-container\" style=\"margin-bottom:20px;\">\n                               \n                                <input class=\"tnp-email\" type=\"email\" required=\"\" name=\"email\" value=\"\"\n                                    placeholder=\"Corporate Email Id\">\n                                     <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon02.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n\n                            <div class=\"email-container\" style=\"margin-bottom:20px;\">\n                               \n                                <input class=\"tnp-email\" type=\"text\" required=\"\" name=\"CompanyName\" value=\"\"\n                                    placeholder=\"Company Name\">\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon03.svg\" class=\"img-fluid\" \/><\/span>\n\n                            <\/div>\n\n                            <div class=\"email-container\">\n                               \n                                <input class=\"tnp-email\" type=\"number\" required=\"\" name=\"Phone\" value=\"\"\n                                    placeholder=\"Phone No.\"><br>\n                                    <span class=\"email-icon\"><img decoding=\"async\" src=\"https:\/\/awareness.threatcop.ai\/threatcop_blog\/icon04.svg\" class=\"img-fluid\" \/><\/span>\n                            <\/div>\n                            <input type=\"hidden\" name=\"BlogForm\" value=\"BlogForm\"><br>\n                            <input class=\"tnp-submit interestedBtn\" name=\"submit\" type=\"submit\"\n                                value=\"SUBMIT\">\n\n                        <\/form>\n                    <\/div>\n                <\/div>\n            <\/div>\n\n        <\/div>\n    <\/div>\n\n<\/body>\n\n<\/html>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Types_of_BEC_Attacks\"><\/span><span style=\"color: #000000;\"><b>Types of BEC Attacks<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">BEC attacks involve a myriad of tactics, based on which they can be classified into multiple categories. The most common types of BEC attacks include:<\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\"><b>False Invoice Scam<\/b><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Cyber attackers often impersonate an organization\u2019s suppliers or collaborators to send false\/fake invoices. This tricks the target organization into making certain transactions or payments for scammed invoices.&nbsp;<\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\"><b>CEO Fraud<\/b><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">It is the most common way of landing business email compromise attacks. In these attacks, cybercriminals impersonate the CEO or other higher-level executives of an organization to trick employees of the accounting or finance department into transferring them a certain amount of money.&nbsp;<\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\"><b>Account Compromise<\/b><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">In these attacks, the official email accounts of one or more employees are hacked through stolen credentials or other ways. Attackers then use these accounts to send emails to stakeholders or vendors to request payments.&nbsp;<\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\"><b>Attorney Impersonation<\/b><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Many organizations hire legal representatives and lawyers to carry out their legal activities. Sometimes, attackers impersonate attorneys and target low-level employees for accessing vendors\u2019 information or the organization\u2019s intelligence.<\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\"><b>Data Theft<\/b><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">In this type of BEC attack, the human resources department is directly targeted. The attackers attempt to gather employee information by impersonating the target organization\u2019s executives and asking the HR department for certain details related to the employees. The data collected by cybercriminals can be used as leverage while carrying out CEO fraud.<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Real-life_Examples_of_BEC_Attacks\"><\/span><span style=\"color: #000000;\"><b>Real-life Examples of BEC Attacks<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Currently, BEC attacks are one of the most dangerous threats for organizations and the most lucrative attack vector for threat actors. There are numerous real-life <\/span><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/kdmarc.com\/blog\/top-7-real-life-examples-of-bec-attacks-worldwide\/\">examples of BEC attacks<\/a><\/span><span style=\"font-weight: 400; color: #000000;\">, where organizations suffered a massive loss of resources and severe damage to reputation. Two of the most infamous examples are mentioned below.\u00a0<\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\"><b>Puerto Rico Government Lost $3.8 Million<\/b><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\">The government of Puerto Rico suffered a loss of $3.8 million in 2019 and 2020<b> <\/b><span style=\"font-weight: 400;\">due to a well-executed BEC attack. In this attack, a government-owned corporation, which was involved in the economic development of an island, was tricked into making changes in the banking account to which they were supposed to make payments.\u00a0<\/span><\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\"><b>Anthony Dwayne King Ripped off $250,000<\/b><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">Anthony Dwayne King was sentenced to two and half years for conducting a BEC scam, which <\/span>caused losses of $250,000 for companies across four states<span style=\"font-weight: 400;\">. He, along with some accomplices, carried out BEC attacks through <\/span>vishing<\/span> <span style=\"font-weight: 400; color: #000000;\">(phishing through phone) by establishing fake companies and fraudulent bank accounts. They targeted home movers and law firms but were caught by the Cyber Fraud Task Force of Georgia.<\/span><\/p>\n\n\n<div class=\"wp-block-image wp-image-9970 size-full\">\n<figure class=\"alignright\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"768\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2022\/04\/bec-attacks-1024x768-1.jpg\" alt=\"bec attacks\" class=\"wp-image-9970\"\/><figcaption class=\"wp-element-caption\">(Source: Tech Republic)<\/figcaption><\/figure>\n<\/div>\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"What_is_C-Suite_How_is_it_under_Threat\"><\/span><b>What is C-Suite? How is it under Threat?<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">C-Suite refers to the executive-level members of an organization. C-suite is commonly known as C-level. The notion of C in C-suite is for the first letter of Chief. They are usually a cluster of important senior executives with an array of designations like \u2018Chief Executive Officer (CEO)\u2019, \u2018Chief Operating Officer (COO)\u2019, \u2018Chief Financial Officer (CFO)\u2019, \u2018Chief Technical Officer (CTO)\u2019, \u2018Chief Information Officer (CIO)\u2019, etc.&nbsp;<\/span><\/p>\n\n\n\n<p class=\"has-black-color has-text-color has-link-color wp-elements-2e24fbfa92c793a0e0d24011e4daf481 wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Often, cybercriminals gather information about an organization\u2019s C-level executives and spoof their email accounts to carry out BEC attacks. When employees, especially from finance and HR, receive spoofed emails from an executive\u2019s account, they usually respond as instructed<\/span>, leading to business email compromise attacks. Among all the BEC attacks, the ones that target C-suite are the most damaging. Since the organization&#8217;s key individuals<span style=\"font-weight: 400; color: #000000;\"> are involved, the damage is both reputational and financial.\u00a0<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"How_Are_BEC_Attacks_Carried_Out\"><\/span><b>How Are BEC Attacks Carried Out?<\/b><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">The basis of BEC attacks is their people-centric nature. It is quite dependent on compromising the email accounts of targets. The procedure of carrying out this attack involves tricking people. A traditional method employed by fraudsters is either phishing or credential stuffing. It starts with collecting employee details. The collected details are used to trick employees into making fraudulent transactions. The following tactics are majorly used in these attacks:<\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\"><b>Domain Spoofing<\/b><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">This is a method of forging an email domain to fool\/trick the targets. The purpose of this method is to gain the targets&#8217; trust by tricking them into believing the emails they receive are genuine. SMTP (Simple Mail Transfer Protocol) doesn\u2019t have email address verification by default. That\u2019s why cyber attackers can fake the sender\u2019s address and display the name of the email account to create an impression of authenticity.\u00a0<\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\"><b>Lookalike Domains<\/b><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Also known as cousin domains, lookalike domains have domain names pretty similar to those of the target organizations. These domains are slightly altered or modified which makes it easy to deceive target individuals. For example, netflix.com can be used as netffix.com. The success of this methodology is dependent on the lack of awareness in employees or target individuals.&nbsp;<\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading has-medium-font-size\"><span style=\"color: #000000;\"><b>Compromised Accounts<\/b><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Sometimes, cybercriminals can get hold of the actual email account of someone who has a higher position in the organization. This allows them to carry BEC attacks easily as it facilitates a level of authenticity.<\/span><\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"493\" height=\"236\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2022\/04\/bec-attacks-linkedin.jpg\" alt=\"Image shows a hacker attempting to access user's email\" class=\"wp-image-9969\"\/><\/figure>\n<\/div>\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Group_Mailboxes_Favourite_Target_for_BEC_Attacks\"><\/span><span style=\"color: #000000;\"><b>Group Mailboxes: Favourite Target for BEC Attacks<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Group mailboxes or shared mailboxes are a point of email contact for a whole group or team. It is used by a large number of individuals, which makes it an excellent target for cybercriminals to send spoofed or phishing emails. Due to a large number of people in a group or shared mailboxes, the probability of at least one employee opening a link containing malicious attachments or links becomes very high. During remote working, the rate of success of attacks using malicious emails has increased tenfold.&nbsp;<\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"Statistics_on_BEC_Attack\"><\/span><span style=\"color: #000000;\"><b>Statistics on BEC Attack<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">According to data from the FBI\u2019s IC3 (Internet Crime Complaint Centre), <\/span><b>BEC scams have increased by 61% in 2020 in comparison to 2016<\/b><span style=\"font-weight: 400;\">.&nbsp;<\/span><\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">An article by Helpnet Security mentions that <\/span><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/www.helpnetsecurity.com\/2021\/06\/25\/bec-attacks-past-year\/\" target=\"_blank\" rel=\"noopener\"><b>34% of the employees<\/b><\/a><\/span><span style=\"color: #000000;\"><b> from the finance sector become victims of spear-phishing attacks<\/b><span style=\"font-weight: 400;\">.&nbsp;<\/span><\/span><\/li>\n\n\n\n<li><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">According to this article, <\/span><b>50% of the BEC attacks are carried out through spoofing<\/b><span style=\"font-weight: 400;\"> by misusing the identity of individuals by displaying their names. Among all the spear-phishing emails,<\/span><b> the company&#8217;s name was used 69% times, the individual target\u2019s name was used 66% times, and senior management\u2019s name was used 53% times<\/b><span style=\"font-weight: 400;\">.<\/span><\/span><\/li>\n\n\n\n<li><span style=\"font-weight: 400; color: #000000;\">As per an article by TechRepublic, <\/span><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/www.techrepublic.com\/article\/how-a-business-email-compromise-attack-can-threaten-your-organization\/\" target=\"_blank\" rel=\"noopener\"><b>71% of BEC attacks<\/b><\/a><\/span><span style=\"color: #000000;\"><b> are carried out by spoofed email accounts and 69% by spear-phishing attacks<\/b><span style=\"font-weight: 400;\">. Apart from them, <\/span><b>24% of the attacks are carried out by malware<\/b><span style=\"font-weight: 400;\">.<\/span><\/span><\/li>\n\n\n\n<li><span style=\"color: #000000;\">Surprisingly, IC3\u2019s data also reports that <b>BEC attacks are 64 times more expensive<\/b> <b>than ransomware attacks<\/b>.<\/span><\/li>\n<\/ul>\n\n\n<div class=\"wp-block-image wp-image-9983 size-full\">\n<figure class=\"aligncenter\"><img loading=\"lazy\" decoding=\"async\" width=\"700\" height=\"445\" src=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2022\/04\/IC3-Losses-in-2021.jpeg\" alt=\"Losses to Victims\" class=\"wp-image-9983\"\/><figcaption class=\"wp-element-caption\">Financial Losses Incurred by Specific Cybercrime (Source: FBI IC3)<\/figcaption><\/figure>\n<\/div>\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"How_to_Detect_Business_Email_Compromise_Attacks\"><\/span><span style=\"color: #000000;\"><b>How to Detect Business Email Compromise Attacks?<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Business email compromise attacks can have devastating consequences for organizations. It has become essential to detect these attacks before they can cause any damage. Here are the two major ways for detecting BEC attacks and stopping them in their tracks.&nbsp;<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><b>Anti-phishing Tools:<\/b><span style=\"font-weight: 400;\"> An effective anti-phishing tool can act as the first line of defense against BEC attacks. It carries out authentication of the sender\u2019s addresses and possesses additional capabilities to identify any discrepancies. Additionally, a tag can be used to mark external emails, which could alert the employees to be careful with non-organizational emails.&nbsp;<\/span><\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"color: #000000;\"><b>Employee Vigilance:<\/b><span style=\"font-weight: 400;\"> A cautious employee can identify spelling mistakes or grammatical errors in emails, which are highly probable in such attacks. In organizations, there are some sets of procedures for dealing with financial transactions or crucial data. Thus, one must be careful to identify the requests for bypassing such procedures. The employees must be educated about the intricacies of business email compromise attacks so that they can identify addresses for their authenticity. In case of sensitive or finance-related requests made through emails, employees should be instructed to confirm them by contacting the sender through any other medium such as phone calls.&nbsp;<\/span><\/span><\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"How_to_Protect_Your_Organization_from_BEC_Attacks\"><\/span><span style=\"color: #000000;\"><b>How to Protect Your Organization from BEC Attacks?<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">As cybercriminals are getting increasingly active and creative every day, it has become essential for organizations to take certain security measures against BEC attacks. So, here are some of the most effective ways to reduce the risk of BEC attacks and keep your organization safe:<\/span><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><span style=\"color: #000000;\"><b>Multi-factor Authentication: <\/b><span style=\"font-weight: 400;\">Instruct the employees to enable multi-factor authentication (at least 2FA) on their email accounts. This will make it difficult for cybercriminals to compromise their accounts for launching a BEC attack.<\/span><\/span><\/li>\n\n\n\n<li><span style=\"color: #000000;\"><b>DMARC-based Protection:<\/b><span style=\"font-weight: 400;\"> Use standard email authentication protocols like DMARC, DKIM, and SPF to protect your organization against domain forgery. <\/span><\/span><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/tdmarc\">TDMARC<\/a><\/span><span style=\"font-weight: 400; color: #000000;\"> monitors all three of these email authentication protocols to complement the Simple Mail Transfer Protocol (SMTP).<\/span><\/li>\n\n\n\n<li><span style=\"color: #000000;\"><b>Be Proactive:<\/b><span style=\"font-weight: 400;\"> Instruct your employees to avoid opening any emails from suspicious or unknown parties. Ask them to never click on any unsolicited attachments or links under any circumstances.<\/span><\/span><\/li>\n\n\n\n<li><span style=\"color: #000000;\"><b>Enable Fraud Reporting:<\/b><span style=\"font-weight: 400;\"> Companies can employ phishing incident response tools like <\/span><\/span><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/threatcop-phishing-incident-response\">TPIR<\/a><\/span><span style=\"font-weight: 400; color: #000000;\"> to enable employees to report malicious emails as soon as they are identified.<\/span><\/li>\n\n\n\n<li><span style=\"color: #000000;\"><b>Authoritative Control:<\/b><span style=\"font-weight: 400;\"> Use the company domain name to create company email accounts instead of using free, web-based accounts.<\/span><\/span><\/li>\n\n\n\n<li><span style=\"color: #000000;\"><b>Anti-Phishing Awareness:<\/b><span style=\"font-weight: 400;\"> Employees as well as organizations must be aware of spear phishing attacks and know how to avoid them. The employees must be provided <\/span><\/span><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/phishing-awareness-and-simulation\">phishing awareness training<\/a><\/span><span style=\"font-weight: 400; color: #000000;\"> to prevent such attacks.<\/span><\/li>\n\n\n\n<li><span style=\"color: #000000;\"><b>Employee Awareness Training:<\/b><\/span><span style=\"font-weight: 400;\"><span style=\"color: #000000;\"> The organization must carry out systematic<\/span> <\/span><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/threatcop-security-awareness-training\">cybersecurity awareness training<\/a><\/span><span style=\"font-weight: 400; color: #000000;\"> for their employees so that they can become aware of various attack vectors and safeguard themselves against them. Instruct employees to verify any email requests for confidential information or wire transfers.<\/span><\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\"><span class=\"ez-toc-section\" id=\"How_can_TDMARC_Help\"><\/span><span style=\"color: #000000;\"><b>How can TDMARC Help?<\/b><\/span><span class=\"ez-toc-section-end\"><\/span><\/h2>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">KDMARC is an anti-spoofing and <\/span><span style=\"color: #183994;\"><a style=\"color: #183994;\" href=\"https:\/\/threatcop.com\/tdmarc\">DMARC deployment tool<\/a><\/span><span style=\"font-weight: 400; color: #000000;\"> that helps you properly implement and configure your email domain\u2019s SPF, DKIM and DMARC records to prevent email spoofing. Loaded with an array of useful features, this email authentication tool prevents malicious actors from misusing your email domain to send malicious emails. Doing this significantly reduces the chances of BEC attacks like CEO fraud and data theft.\u00a0<\/span><\/p>\n\n\n\n<p class=\"has-text-align-center wp-block-paragraph\"><span style=\"color: #000000;\"><span style=\"font-weight: 400;\">\u201c<\/span><b><i>TDMARC<\/i><\/b><span style=\"font-weight: 400;\"> is listed on top technology review platforms like <\/span><b>SourceForge<\/b><span style=\"font-weight: 400;\">, <\/span><b>Gartner<\/b><span style=\"font-weight: 400;\">, and many more for its quality service\u201d<\/span><\/span><\/p>\n\n\n\n<h3 class=\"wp-block-heading\"><span style=\"color: #000000;\"><b>Conclusion<\/b><\/span><\/h3>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Business email compromise attacks are more prevalent and financially destructive than any other attacks. This attack is based on targeting the C-suite or senior executives of the organizations. BEC attacks have led to the loss of millions of dollars and damaged the reputation of hundreds of organizations worldwide.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><span style=\"font-weight: 400; color: #000000;\">Organizations need to become smarter to prevent such attacks. The objective of every organization should be to empower their employees and senior executives to safeguard themselves against these kinds of threats. Companies should also focus on strengthening their email security framework to prevent email-based attacks.<\/span><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Nowadays, BEC attacks have become one of the most remunerative lines of business for malicious actors. Every day new BEC attack groups are being discovered. These attackers are targeting various firms across the globe to scam them out of massive sums of money. Currently, cybercriminals are making loads of money by actively using BEC attacks [&hellip;]<\/p>\n","protected":false},"author":12,"featured_media":2507,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[41,45,43],"tags":[],"class_list":["post-2165","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyber-attacks","category-email-security","category-social-engineering"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>What Is a BEC Attack? Business Email Compromise Explained<\/title>\n<meta name=\"description\" content=\"What is a BEC attack? Business Email Compromise (BEC) attacks trick employees into sending money or data. Learn how BEC works, examples, &amp; prevention methods.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/threatcop.com\/blog\/bec-attack\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What Is a BEC Attack? Business Email Compromise Explained\" \/>\n<meta property=\"og:description\" content=\"What is a BEC attack? Business Email Compromise (BEC) attacks trick employees into sending money or data. Learn how BEC works, examples, &amp; prevention methods.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/threatcop.com\/blog\/bec-attack\/\" \/>\n<meta property=\"og:site_name\" content=\"Threatcop\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/\" \/>\n<meta property=\"article:published_time\" content=\"2022-04-25T12:12:55+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2026-03-10T07:51:10+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2022\/04\/BEC-Attack.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1250\" \/>\n\t<meta property=\"og:image:height\" content=\"1200\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"Kumar Shantanu\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatcop\" \/>\n<meta name=\"twitter:site\" content=\"@threatcop\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kumar Shantanu\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"10 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/bec-attack\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/bec-attack\\\/\"},\"author\":{\"name\":\"Kumar Shantanu\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/person\\\/fb68b06665d9ecb47912ab0c3768ff23\"},\"headline\":\"What Is a Business Email Compromise (BEC) Attack?\",\"datePublished\":\"2022-04-25T12:12:55+00:00\",\"dateModified\":\"2026-03-10T07:51:10+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/bec-attack\\\/\"},\"wordCount\":1983,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/bec-attack\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/04\\\/BEC-Attack.webp\",\"articleSection\":[\"Cyber Attacks\",\"Email Security\",\"Social Engineering\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/threatcop.com\\\/blog\\\/bec-attack\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/bec-attack\\\/\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/bec-attack\\\/\",\"name\":\"What Is a BEC Attack? Business Email Compromise Explained\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/bec-attack\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/bec-attack\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/04\\\/BEC-Attack.webp\",\"datePublished\":\"2022-04-25T12:12:55+00:00\",\"dateModified\":\"2026-03-10T07:51:10+00:00\",\"description\":\"What is a BEC attack? Business Email Compromise (BEC) attacks trick employees into sending money or data. Learn how BEC works, examples, & prevention methods.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/bec-attack\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/threatcop.com\\\/blog\\\/bec-attack\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/bec-attack\\\/#primaryimage\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/04\\\/BEC-Attack.webp\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/04\\\/BEC-Attack.webp\",\"width\":1250,\"height\":1200},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/bec-attack\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"What Is a Business Email Compromise (BEC) Attack?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\",\"name\":\"Threatcop\",\"description\":\"Cybersecurity Blogs, News, Updates, and Articles\",\"publisher\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#organization\",\"name\":\"Threatcop\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/threatcop-logo-black-1.png\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2026\\\/06\\\/threatcop-logo-black-1.png\",\"width\":432,\"height\":102,\"caption\":\"Threatcop\"},\"image\":{\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/people\\\/Threatcop\\\/100083109892339\\\/\",\"https:\\\/\\\/x.com\\\/threatcop\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/threatcop\\\/\",\"https:\\\/\\\/www.instagram.com\\\/threatcop_official\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/#\\\/schema\\\/person\\\/fb68b06665d9ecb47912ab0c3768ff23\",\"name\":\"Kumar Shantanu\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/01\\\/Shantanu-Image.jpeg\",\"url\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/01\\\/Shantanu-Image.jpeg\",\"contentUrl\":\"https:\\\/\\\/threatcop.com\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/01\\\/Shantanu-Image.jpeg\",\"caption\":\"Kumar Shantanu\"},\"description\":\"Senior Writer Shantanu is an accomplished content strategist and technology enthusiast at Threatcop Inc. With a knack for translating technical intricacies into reader-friendly narratives, Shantanu contributes to making cybersecurity insights both informative and enjoyable for tech enthusiasts and general audiences alike.\",\"sameAs\":[\"http:\\\/\\\/threatcop.com\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"What Is a BEC Attack? Business Email Compromise Explained","description":"What is a BEC attack? Business Email Compromise (BEC) attacks trick employees into sending money or data. Learn how BEC works, examples, & prevention methods.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/threatcop.com\/blog\/bec-attack\/","og_locale":"en_US","og_type":"article","og_title":"What Is a BEC Attack? Business Email Compromise Explained","og_description":"What is a BEC attack? Business Email Compromise (BEC) attacks trick employees into sending money or data. Learn how BEC works, examples, & prevention methods.","og_url":"https:\/\/threatcop.com\/blog\/bec-attack\/","og_site_name":"Threatcop","article_publisher":"https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/","article_published_time":"2022-04-25T12:12:55+00:00","article_modified_time":"2026-03-10T07:51:10+00:00","og_image":[{"width":1250,"height":1200,"url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2022\/04\/BEC-Attack.webp","type":"image\/webp"}],"author":"Kumar Shantanu","twitter_card":"summary_large_image","twitter_creator":"@threatcop","twitter_site":"@threatcop","twitter_misc":{"Written by":"Kumar Shantanu","Est. reading time":"10 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/threatcop.com\/blog\/bec-attack\/#article","isPartOf":{"@id":"https:\/\/threatcop.com\/blog\/bec-attack\/"},"author":{"name":"Kumar Shantanu","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/person\/fb68b06665d9ecb47912ab0c3768ff23"},"headline":"What Is a Business Email Compromise (BEC) Attack?","datePublished":"2022-04-25T12:12:55+00:00","dateModified":"2026-03-10T07:51:10+00:00","mainEntityOfPage":{"@id":"https:\/\/threatcop.com\/blog\/bec-attack\/"},"wordCount":1983,"commentCount":0,"publisher":{"@id":"https:\/\/threatcop.com\/blog\/#organization"},"image":{"@id":"https:\/\/threatcop.com\/blog\/bec-attack\/#primaryimage"},"thumbnailUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2022\/04\/BEC-Attack.webp","articleSection":["Cyber Attacks","Email Security","Social Engineering"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/threatcop.com\/blog\/bec-attack\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/threatcop.com\/blog\/bec-attack\/","url":"https:\/\/threatcop.com\/blog\/bec-attack\/","name":"What Is a BEC Attack? Business Email Compromise Explained","isPartOf":{"@id":"https:\/\/threatcop.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/threatcop.com\/blog\/bec-attack\/#primaryimage"},"image":{"@id":"https:\/\/threatcop.com\/blog\/bec-attack\/#primaryimage"},"thumbnailUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2022\/04\/BEC-Attack.webp","datePublished":"2022-04-25T12:12:55+00:00","dateModified":"2026-03-10T07:51:10+00:00","description":"What is a BEC attack? Business Email Compromise (BEC) attacks trick employees into sending money or data. Learn how BEC works, examples, & prevention methods.","breadcrumb":{"@id":"https:\/\/threatcop.com\/blog\/bec-attack\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/threatcop.com\/blog\/bec-attack\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/bec-attack\/#primaryimage","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2022\/04\/BEC-Attack.webp","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2022\/04\/BEC-Attack.webp","width":1250,"height":1200},{"@type":"BreadcrumbList","@id":"https:\/\/threatcop.com\/blog\/bec-attack\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/threatcop.com\/blog\/"},{"@type":"ListItem","position":2,"name":"What Is a Business Email Compromise (BEC) Attack?"}]},{"@type":"WebSite","@id":"https:\/\/threatcop.com\/blog\/#website","url":"https:\/\/threatcop.com\/blog\/","name":"Threatcop","description":"Cybersecurity Blogs, News, Updates, and Articles","publisher":{"@id":"https:\/\/threatcop.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/threatcop.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/threatcop.com\/blog\/#organization","name":"Threatcop","url":"https:\/\/threatcop.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/06\/threatcop-logo-black-1.png","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2026\/06\/threatcop-logo-black-1.png","width":432,"height":102,"caption":"Threatcop"},"image":{"@id":"https:\/\/threatcop.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/people\/Threatcop\/100083109892339\/","https:\/\/x.com\/threatcop","https:\/\/www.linkedin.com\/company\/threatcop\/","https:\/\/www.instagram.com\/threatcop_official\/"]},{"@type":"Person","@id":"https:\/\/threatcop.com\/blog\/#\/schema\/person\/fb68b06665d9ecb47912ab0c3768ff23","name":"Kumar Shantanu","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2024\/01\/Shantanu-Image.jpeg","url":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2024\/01\/Shantanu-Image.jpeg","contentUrl":"https:\/\/threatcop.com\/blog\/wp-content\/uploads\/2024\/01\/Shantanu-Image.jpeg","caption":"Kumar Shantanu"},"description":"Senior Writer Shantanu is an accomplished content strategist and technology enthusiast at Threatcop Inc. With a knack for translating technical intricacies into reader-friendly narratives, Shantanu contributes to making cybersecurity insights both informative and enjoyable for tech enthusiasts and general audiences alike.","sameAs":["http:\/\/threatcop.com"]}]}},"_links":{"self":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/2165","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/comments?post=2165"}],"version-history":[{"count":22,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/2165\/revisions"}],"predecessor-version":[{"id":13948,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/posts\/2165\/revisions\/13948"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/media\/2507"}],"wp:attachment":[{"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/media?parent=2165"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/categories?post=2165"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/threatcop.com\/blog\/wp-json\/wp\/v2\/tags?post=2165"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}