Business Email Compromise
What is Business Email Compromise?
A targeted fraud in which an attacker impersonates or takes over a corporate mailbox to trick an employee into wiring money, changing payment details, or sending sensitive data.
Business Email Compromise (BEC) typically combines reconnaissance, social engineering, and either spoofed mail or a hijacked legitimate account. Common scenarios include CEO fraud, vendor invoice redirection, payroll diversion, and W-2 / data-theft variants. BEC rarely requires malware; the leverage comes from authority, urgency, and trusted email channels, which is why it consistently ranks among the costliest cybercrimes per incident. Defences combine a DMARC policy of reject with SPF/DKIM alignment, mandatory MFA and Conditional Access on mailboxes, out-of-band verification of any change to payment details, accounting controls, anomaly detection on mail-flow and inbox rules, and recurring user training.
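The "anomaly detection on mail-flow and inbox rules" control above is easiest to see in code. The following Python checker is an added example, not code from this glossary or from any vendor: it walks a list of inbox-rule audit events and flags the two rule patterns that typically follow a mailbox takeover, forwarding to an address outside the organisation and hiding payment-related mail (delete, mark read, or move into a rarely viewed folder). The event dictionary layout, the field names, the internal-domain list and the sample events are all constructed assumptions; only the cmdlet names `New-InboxRule` and `Set-InboxRule` are real Exchange operation names.

```python
"""Added example (not from the glossary page): flag inbox rules typical of
mailbox takeover in BEC. The event format is a constructed, simplified
stand-in for a real audit log; the field names are assumptions, not a
vendor schema."""

from dataclasses import dataclass

INTERNAL_DOMAINS = {"example.com"}  # assumed: the organisation's own mail domains
BEC_KEYWORDS = ("invoice", "payment", "wire", "bank", "remittance", "w-2", "w2")
# Folders attackers commonly pick because users rarely open them (assumed list).
HIDING_FOLDERS = {"rss feeds", "rss subscriptions", "archive",
                  "conversation history", "deleted items", "junk email"}


@dataclass
class Finding:
    user: str
    rule_name: str
    reason: str


def _is_external(address: str) -> bool:
    """True when the address's domain is not one of ours."""
    domain = address.rsplit("@", 1)[-1].lower()
    return domain not in INTERNAL_DOMAINS


def inspect_rule(event: dict) -> list:
    """Return zero or more findings for one inbox-rule create/update event."""
    findings = []
    user = event["user"]
    rule = event["rule"]
    name = rule.get("name", "<unnamed>")

    # 1. Forwarding or redirecting mail to an address outside the organisation.
    for addr in rule.get("forward_to", []) + rule.get("redirect_to", []):
        if _is_external(addr):
            findings.append(Finding(user, name, f"forwards to external address {addr}"))

    # 2. Hiding messages (delete / mark read / move to an obscure folder) when the
    #    rule's conditions match payment-related subjects, senders or bodies.
    hides = (rule.get("delete", False)
             or rule.get("mark_read", False)
             or rule.get("move_to_folder", "").lower() in HIDING_FOLDERS)
    conditions = " ".join(rule.get("subject_contains", [])
                          + rule.get("from_contains", [])
                          + rule.get("body_contains", [])).lower()
    if hides and any(k in conditions for k in BEC_KEYWORDS):
        findings.append(Finding(user, name, "hides payment-related mail"))

    # 3. A one-character or empty rule name is a weak signal on its own, so it is
    #    only reported alongside another finding.
    if findings and len(name.strip(" .")) <= 1:
        findings.append(Finding(user, name, "non-descriptive rule name"))
    return findings


def find_suspicious_inbox_rules(events) -> list:
    """Run inspect_rule over every rule create/update event in the log."""
    out = []
    for ev in events:
        if ev.get("operation") in {"New-InboxRule", "Set-InboxRule"}:
            out.extend(inspect_rule(ev))
    return out


# Constructed sample events: two compromised mailboxes, one benign rule,
# one unrelated operation.
SAMPLE_EVENTS = [
    {"operation": "New-InboxRule", "user": "ap.clerk@example.com",
     "rule": {"name": ".", "subject_contains": ["invoice", "payment"],
              "move_to_folder": "RSS Feeds", "mark_read": True}},
    {"operation": "New-InboxRule", "user": "cfo@example.com",
     "rule": {"name": "Forward to personal",
              "forward_to": ["cfo.backup@mail-example.net"]}},
    {"operation": "New-InboxRule", "user": "hr@example.com",
     "rule": {"name": "Newsletters", "from_contains": ["news@vendor.example.com"],
              "move_to_folder": "Newsletters"}},
    {"operation": "Set-Mailbox", "user": "it@example.com",
     "rule": {"name": "irrelevant"}},
]

if __name__ == "__main__":
    for f in find_suspicious_inbox_rules(SAMPLE_EVENTS):
        print(f"{f.user}: rule {f.rule_name!r}: {f.reason}")
```

On the sample log the checker reports three findings: the clerk's rule both hides invoice mail and has a non-descriptive name, and the CFO's rule forwards externally; the HR newsletter rule and the unrelated `Set-Mailbox` event produce nothing. In production the same logic would run on exported audit events, and each finding should trigger a review of the mailbox for other signs of takeover rather than be treated as proof on its own.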
● Examples
- 01: A finance clerk receives a forged "CEO" email asking for a same-day wire to a new supplier account.
- 02: A supplier's hijacked mailbox sends a real invoice with updated bank details that route payment to the attacker.
● Frequently asked questions
What is Business Email Compromise?
A targeted fraud in which an attacker impersonates or takes over a corporate mailbox to trick an employee into wiring money, changing payment details, or sending sensitive data. It belongs to the Attacks & Threats category of cybersecurity.
What does Business Email Compromise mean?
A targeted fraud in which an attacker impersonates or takes over a corporate mailbox to trick an employee into wiring money, changing payment details, or sending sensitive data.
How do you defend against Business Email Compromise?
Defences for Business Email Compromise typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Business Email Compromise?
Common alternative names include: BEC, Email account compromise (EAC).