Browse Definitions :
Definition

business email compromise (BEC, man-in-the-email attack)

TechTarget Contributor
By

Business email compromise (BEC) is a security exploit in which the attacker targets an employee who has access to company funds and convinces the victim to tranfer money into a bank account controlled by the attacker.

According to the FBI's Internet Crime Report, BEC exploits were responsible for over $1.77 billion in losses in 2019. Business email compromise is one of the top cyberinsurance claims in 2020, and security vendor Proofpoint has warned businesses that BEC exploits are increasingly being tied to COVID-19. The most common victims of BEC are companies that use wire transfers to send money to international clients.

 

BEC exploits often begin with the attacker using a social engineering scam to trick a C-level target into downloading malware, clicking on an infected link or visiting a compromised website. Once the C-level manager's account has been compromised, it can be used to trick another employee into sending money to the attacker.

 

A popular BEC strategy is to send an official-looking email to someone in the company's finance department. Typically, such an email will say there is a time-sensitive, confidential matter that requires payment be made to a customer's, partner's or supply chain partner's bank account as soon as possible. The attacker hopes that the unsuspecting person in finance will think they are helping their company by facilitating a quick transfer of funds -- when in reality, they are sending money to the attacker's bank account.

There are numerous ways that BEC can be used to defraud targets. Here are a few examples:

  • A compromised employee account requests a change in payee information and transfers payments to the perpetrator’s account.
  • The attacker sends a bogus invoice to partner vendors in hopes they will pay the bill without questioning it.
  • An attorney’s email identity might be used to pressure the target for immediate payment.

Cybercriminals may further use a compromised account (especially those of HR employees) to gain more personally-identifiable information (PII) for later use in defrauding the company or its clients. Measures to prevent this type of financial fraud include employee education, conducing social engineering pen tests and adding a requirement that at least two employees sign approvals for payment change requests.

This was last updated in March 2020

Continue Reading About business email compromise (BEC, man-in-the-email attack)

Networking
Security
CIO
  • prototyping model

    The prototyping model is a systems development method in which a prototype is built, tested and then reworked as necessary until ...

  • digital ecosystem

    A digital ecosystem is a group of interconnected information technology resources that can function as a unit.

  • procurement plan

    A procurement plan -- also called a procurement management plan -- is a document that is used to manage the process of finding ...

HRSoftware
  • talent pipeline

    A talent pipeline is a pool of candidates who are ready to fill a position.

  • recruitment process outsourcing (RPO)

    Recruitment process outsourcing (RPO) is when an employer turns the responsibility of finding potential job candidates over to a ...

  • human resources (HR) generalist

    A human resources generalist is an HR professional who handles the daily responsibilities of talent management, employee ...

Customer Experience
  • outbound marketing

    Outbound marketing is a traditional form of marketing in which an organization initiates contact with potential customers, or ...

  • churn rate

    Churn rate is a measure of the number of customers or employees who leave a company during a given period.

  • marketing campaign management

    Marketing campaign management is the planning, executing, tracking and analysis of direct marketing campaigns.

Close