skip to Main Content

Business Email Compromise (BEC): What You Need To Know


The FBI and national cybersecurity experts are trying to get the word out to executives and their direct reports about a growing and successful attack approach: Business Email Compromise (BEC).

Also known as “CEO fraud,” the FBI predicts that these attacks – which already cost businesses upwards of 12.5 billion dollars annually, will only continue to grow and evolve.

During these attacks, cybercriminals patiently employ passive reconnaissance, social engineering and other means to gain control of, or spoof, a top executive’s account. Once they have garnered access to the account, or have created a realistic look alike, they will observe the victim’s normal usage and communication style until they learn norms and identify patterns of behavior. This intel is then used to send communications from what appears to be a C-level executive to a subordinate telling them to make a purchase, pay a bill, or share sensitive information – complete with links to the specific payment gateway or recipient in need. It all looks very legitimate, but is totally fraudulent. Another variation of BEC involves the direct report claiming an emergency purchase is needed and the executive should authorize a wire transfer, complete with legitimate looking links.

What makes these attacks even more dangerous is the fact that the email usernames and passwords of corporate executives tend to be easily available to cybercriminals on the dark web, making anyone a potential target.

We know of several small-to-medium sized organizations in various industries that have been infected, and if not for warnings like this would have fallen victim to similar scams. Some of the attacks have come through a series of text messages sent from an executive’s corporate phone, but most are executed by corporate email. This fraud is so successful because of breakdowns in not just technology, but the process and way your people interact with both.

The best means of prevention is a complete technology risk management assessment that looks at all aspects of the people, process and technology triangle. At Alliant Cybersecurity, we follow these client assessments with roadmaps for effective remediation of the vulnerabilities discovered – each made to fit the unique needs of your individual business. Typically chief among necessary improvements are employee (all levels) risk awareness raising and reminders of officially approved processes.

Contact Alliant Cybersecurity today to schedule a risk assessment – and protect your business, and your employees, from cyber harm.

Steven Hunter

Alliant Cybersecurity Vice President

Back To Top