What is business email compromise (BEC)?
Business Email Compromise (**BEC**) uses email to defraud organizations through **impersonation** and **social engineering**. Attackers pose as executives, vendors, or partners to authorize fraudulent transactions or data disclosure.
Common scenarios: CEO fraud (fake executive requests wire transfer), vendor **impersonation** (fake invoice with changed payment details), and data theft (fake HR requests for employee information).
**BEC** causes billions in annual losses. FBI reports it as the most financially damaging cyber crime category. Success requires no technical exploitation; **social engineering** alone suffices. Defense requires verification procedures, financial controls, and awareness training.
Was this answer helpful?
Thanks for your feedback!