What Is Business Email Compromise & How to Prevent It

Are you tired of constantly worrying about falling prey to a business email compromise scam? This growing issue is plaguing companies and individuals, potentially causing millions in losses yearly. But what is a business email compromise, and how can it be prevented?

According to the Federal Bureau of Investigation (FBI), in the last three years, 24,000 enterprises in the US have been victims of business email compromise. In 2019, 26 billion dollars were lost. Since 2019, there has been a massive increase in business email compromise cases. This highlights the importance of protecting your business's email communications and shows that this issue isn't going away. It's only increasing as technology improves and hackers gain access to more savvy and sophisticated techniques.

Protecting your business's email communications with the latest offerings in email and cybersecurity is paramount. This article gives a comprehensive overview of business email compromise and techniques, technologies, and proactive strategies to prevent cybersecurity attacks on your organization's communications.

What is Business Email Compromise

Business email compromise (BEC) is a sophisticated and evolving cybercrime targeting businesses, individuals, and organizations. It involves the unauthorized use of email to conduct fraudulent activity by impersonating a trusted source and tricking the recipient into sending money or sensitive information to the attacker. BEC scams can take many forms, including fake invoices, false claims of urgent financial transactions, and fake job offers.

One of the reasons that BEC scams are so effective is that they rely on social engineering techniques to manipulate the emotions and urgency of the recipient. Attackers often use urgent language to convince the recipient to take immediate action. BEC attacks frequently target people in positions of power who can request or make payments on behalf of the business. After narrowing these people down to a smaller group, the attacker selects whoever best fits the plan to carry out the attack. Most victims are high-ranking executives, attorneys, accountants, and their support staff/departments.

The financial losses from BEC scams can be significant, with many organizations reporting losses in the millions of dollars. In addition to the financial impact, BEC scams can damage an organization's reputation due to the loss of trust with stakeholders and customers. It is vital for businesses and individuals to be aware of the threat posed by BEC scams and to take steps to protect themselves.

Protections against business email compromise scams will be discussed later in this article, but include:

  • Two-factor authentication for logins
  • Email encryption
  • Employee training on cybersecurity
  • Proper email archiving

Business email compromise has tremendous impacts on businesses and is worth taking action against. However, most companies and executives often need clarification about the difference between business email compromise and phishing. A better understanding of the problem creates a focused, personalized, and accurate solution.

Business Email Compromise vs Phishing

Business email compromise (BEC) and business email phishing are two related but distinct forms of cybercrime. While both involve using deceptive emails to conduct fraudulent activities, there are some key differences between the two.

Business Email Compromise (BEC)

  • A specific type of cyber attack targeting a particular business or organization.
  • Involves unauthorized use of business email to conduct fraudulent activity by impersonating a trusted source.
  • Typically highly targeted and tailored to the specific victim.
  • Often involves tricking the recipient into sending money or sensitive information to the attacker.

Phishing

  • A broader term that refers to any type of scam that uses emails, text messages, or websites to trick individuals into revealing sensitive information or installing malware.
  • Involves using deceptive emails or other methods to trick individuals into revealing sensitive information or installing malware.
  • Can take many forms and may not be as targeted or tailored to the particular victim but rather more general.
  • Adopts a threatening tone with words like “Urgent Action Needed.” In some cases, they threaten account closure, thereby creating internal conflict for the victims.

In BEC and phishing, it is crucial to be aware of the threat and to take steps to protect yourself and your organization. These include being cautious of unexpected or unusual requests for money or sensitive information and implementing strong email security measures, such as two-factor authentication.

Practical information can be critical when facing a BEC attack or phishing. On this note, we will consider the various examples of BEC.

Business Email Compromise Examples

BEC attacks can be sophisticated and challenging to spot, frequently utilizing social engineering strategies that prey on psychological flaws rather than technical flaws. At this juncture, it is pertinent to present a few real-world BEC attack cases from diverse industries and emphasize the strategies attackers utilized to carry out BEC attacks. Individuals and businesses can better defend themselves against BEC scams by comprehending how these attacks function. The following typical examples will help your judgment:

CEO Impersonation

This type of BEC involves the attacker posing as the CEO or a senior executive of the target company, usually using publicly available information such as the CEO's email signature, phone number, and job title. The attacker will email an employee requesting sensitive information or a wire transfer. For example, the attacker may ask the employee to transfer money to a specific bank account to cover an unexpected expense or to provide confidential financial reports. The email may appear legitimate, with the attacker using the correct language, tone, and branding to trick the recipient.

Invoice Scam

This type of BEC occurs when the attacker poses as a supplier and sends an invoice to the target company, requesting payment for a fake purchase or service. The invoice may appear genuine; the attacker may use the correct logos, branding, and payment terms to make it more convincing. If the target company pays into the fake account, it results in a financial loss. This type of BEC is often successful because the attacker takes advantage of the target company's trust in their suppliers and the pressure to pay bills on time.

Vendor Email Compromise

In this type of BEC, the attacker will pose as a vendor or supplier and send an email to the target company, asking to change the account details the company has on file to a different bank account. The attacker may also include a convincing reason for the change, such as a merger, acquisition, or a change in the vendor's banking details. Once the payment details are changed, the attacker will receive the payment instead of the legitimate vendor, resulting in a financial loss.

Payment Diversion

When attackers intercept a legitimate payment request and change the payment details to their account instead, it's considered payment diversion. The attacker may do this by compromising the email account of a vendor or supplier or by sending a fake email that appears to be from the vendor or supplier and attempting to get into the financial system via phishing. The target company may unknowingly pay into the phony account, resulting in financial loss.

Job Offer Scam

Some attackers pose as potential employers and send fake job offers to potential employees, asking for personal and financial information such as their social security number, bank account details, or passport information. The attacker may use this information for identity theft or other illegal activities. This type of BEC is often successful because the potential employee is eager for a new job opportunity and may only verify the offer's authenticity after providing the requested information or not at all.

Wire Transfer Scam

This type of BEC involves the attacker posing as a trusted individual or organization and sending an email requesting a wire transfer, often under the guise of an emergency. The attacker may use persuasive language and a sense of urgency to trick the recipient into making the transfer without verifying the request. As an example, the attacker may pose as a lawyer or government official and request a wire transfer to cover legal fees or fines. This type of BEC is often successful because the recipient is pressured to make the transfer quickly.

The characteristics of business email compromise are:

  • Urgency
  • Timebound (presents a situation where a quick response is requested, like an emergency)
  • Undue pressure to comply
  • Authoritative tone
  • Providing a detailed explanation of why you should comply
  • Specific instructions
  • A request or instruction not to contact the sender

The attacker in a business email compromise scam always tries to pressure the victim and set a deadline that makes it difficult for the victim to verify the details of the request. On this note, always be wary if you get an email requesting an urgent payment or claiming that the information must not be shared with a second party. Once the money has been sent, it's gone. It is strongly recommended that you verify all payments and confirm all instructions before completion. In BEC, there is no room for assumptions. It is also important to view some BEC cases.

Business Email Compromise Cases

Case #1 The 2015 Ubiquiti Networks Case

In 2015, Ubiquiti Networks, an American technology company founded in 2003 in San Jose, California, was targeted in a BEC scam that resulted in a loss of $46 million. The attacker, posing as the CEO of a company in China, sent an email to a finance employee requesting a wire transfer to cover an alleged acquisition. The email was designed to appear legitimate, with the attacker using the CEO's email signature, job title, and phone number. The email was also crafted to make the request appear urgent and critical to the business. Unfortunately, the finance employee, who believed the email to be from a trusted source, approved the transfer without verifying its authenticity. After the transfer, it was discovered that the email was a scam, and the money could not be recovered.

Case #2 The 2018 Google Brazil Case

In 2018, the Brazilian branch of Google was targeted in a BEC scam that resulted in a loss of $15 million. The attacker, posing as a Google executive, sent an email to the finance department requesting a transfer to cover a supposed legal settlement. The email was crafted in a way that appeared official and legitimate, with the attacker using the correct language and details of the settlement.

The finance department approved the transfer, believing the email was from a trusted source. Afterward, it was discovered that the email was a scam; unfortunately, the money was never recovered.

Case #3 The 2019 World Bank Case

In 2019, the World Bank was targeted in a BEC scam that resulted in a loss of $1.8 million. The attacker, posing as a World Bank executive, sent an email to a recipient in the finance department requesting a transfer to cover a project. The recipient, who believed the email to be from a trusted source, approved the transfer, but unfortunately, it was fraudulent.

These cases serve as a cautionary tale for businesses and organizations. It is crucial to implement security measures to prevent BEC scams, such as educating employees on the dangers of BEC scams, implementing two-factor authentication, and regularly reviewing financial processes to ensure they are secure. Additionally, employees should always verify the authenticity of emails and requests before taking action, especially when dealing with sensitive information or large sums of money.

BEC is fatal yet avoidable. Big corporations like Alphabet, Meta, the World Bank, etc., have all been victims of BEC. This means that every other business or organization can also be targeted. What tools can be used to identify, prevent, and even counterattack various business email compromises?

Business Email Compromise Tools

Some tools businesses and organizations can adopt to secure their business or organization from BEC include:

Email Security Solutions

These are software programs designed to protect organizations from email-borne threats, including BEC scams. They can be designed as standalone applications or integrated into existing email systems and include features such as spam filters, phishing protection, and malware detection.

Two-Factor Authentication (2FA)

This security process requires users to provide two forms of authentication before accessing sensitive information or systems. For example, a user might be required to enter a password and provide a one-time code sent to their phone. This helps prevent unauthorized access to a company email system, because attackers would need access to both the password and the phone to succeed, which keeps them from impersonating an authority figure in a BEC attack.

Email Authentication

This process verifies an email message's authenticity, ensuring that it has not been altered or forged in transit. Common authentication methods include SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting & Conformance).
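
As an added illustration (not code from this article or from any vendor), the Python example below reads the SPF, DKIM and DMARC results that a receiving mail server records in the Authentication-Results header and gives a verdict for the From: domain. The server name mx.example.net, the domains and both sample messages are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_AUTHSERV = "mx.example.net"  # assumption: authserv-id of our own inbound MTA

# Constructed sample: SPF and DKIM pass for the sender's own domain, but
# neither aligns with the From: domain, so the receiver recorded dmarc=fail.
SAMPLE = """\
Authentication-Results: mx.example.net;
 spf=pass smtp.mailfrom=bounce.mailer-example.org;
 dkim=pass header.d=mailer-example.org;
 dmarc=fail header.from=example.com
From: "Chief Executive" <ceo@example.com>
To: finance@example.com
Subject: Urgent wire transfer

Please process today.
"""
# Constructed sample: same message, but the only header claiming dmarc=pass
# was stamped by a server we do not run, so it proves nothing.
FORGED = SAMPLE.replace("mx.example.net", "mail.untrusted.example").replace(
    "dmarc=fail", "dmarc=pass")

def auth_results(msg, trusted=TRUSTED_AUTHSERV):
    """Collect spf/dkim/dmarc results, reading only headers from `trusted`."""
    results = {}
    for raw in msg.get_all("Authentication-Results", []):
        authserv, _, rest = " ".join(raw.split()).partition(";")
        if (authserv.split() or [""])[0].lower() != trusted:
            continue  # anyone can add this header; ignore other stampers
        for method, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", rest, re.I):
            if results.get(method.lower()) != "pass":  # one passing DKIM key is enough
                results[method.lower()] = result.lower()
    return results

def triage(raw_message):
    """Return the From: domain, the trusted results, and a verdict."""
    msg = message_from_string(raw_message)
    res = auth_results(msg)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    verdict = {"pass": "pass", "fail": "fail"}.get(res.get("dmarc"), "unverified")
    return {"from_domain": from_domain, **res, "verdict": verdict}

if __name__ == "__main__":
    for name, raw in (("sample", SAMPLE), ("forged header", FORGED)):
        print(name, triage(raw))
```

A "fail" or "unverified" verdict on a payment request is a reason to confirm it through a separate channel; a "pass" only shows the message came from the domain in From:, not that the mailbox owner wrote it.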

Email Encryption

This is the process of converting sensitive or confidential information into a code that only authorized parties can access. Encryption helps to protect sensitive information during transmission. So, even if the BEC scammers can trick someone into sending confidential information, the attackers would need to have the decryption key to access the information.

Employee Training

This involves educating employees on the dangers of BEC scams and other email-borne threats and providing them with information on how to spot and respond to potential threats. Employee training can help to reduce the risk of successful BEC scams, as employees will be better equipped to identify and respond to suspicious emails.

Email Archiving

This is the process of storing email messages in a secure, centralized location for later retrieval. Archiving can help organizations comply with legal and regulatory requirements, allowing them to quickly access historical email messages in case of a security breach or investigation. Additionally, email archiving can provide a valuable source of information for security investigations, as attackers may use email messages as part of their attack methods.

Prevent Business Email Compromise with Amaxra

Business email compromise scams are a growing threat that can have significant financial, reputational, and operational impacts on organizations and individuals. BEC scammers use various social engineering techniques to trick victims into sending them sensitive information or money, which can pose a risk to anyone using email. In protecting against BEC scams, organizations and individuals must be vigilant and take proactive steps to prevent and respond to these attacks.

Organizations can prevent BEC scams by implementing technical and administrative measures such as email security solutions, two-factor authentication, Amaxra security service, email authentication, email encryption, employee training, and email archiving. Individuals can protect themselves by being cautious when receiving emails from unknown or unfamiliar sources and reporting suspected BEC scams to their IT department or security team.

In light of the growing threat posed by BEC scams, organizations and individuals must take proactive steps to protect against these attacks. By being vigilant and taking the necessary precautions, we can help prevent the devastating impacts of business email compromise. As a CXO, small business owner, or IT decision-maker, the safety of your business is paramount. On this note, you can contact Amaxra for personalized recommendations on the cyber protection of your business.
