BEC is an acronym for “business email compromise.” BEC refers to social engineering attacks used to convince those in charge of finances at an organization to send large payments to the scammers. These attacks are carried out over email conversations initiated by the scammer who spoofs the identity of an executive at the organization.
PhishLabs’ R.A.I.D. (Research Analysis and Intelligence Division) has discovered changes in the tactics employed by scammers in the BEC attacks over the last year as cybercriminals benchmark success resulting in better targeting, more convincing scams, and greater losses. Download the full intelligence report for details on the recently observed attacks, specific characteristics of those attacks, and best practices to help mitigate and eradicate the threat.