35% of Cybersecurity Incidents are Business Email Compromise (BEC) Phishing Attacks

business-email-compromiseWith cybercriminals looking for the fastest means to get from attack to a big payout, BEC attacks are shifting tactics to adjust to organizations being better prepared.

What Is BEC?

BEC, or Business Email Compromise (also known as CEO Fraud), is a scam in which cybercriminals spoof company email accounts and impersonate executives to try and fool an employee in accounting or HR into executing unauthorized wire transfers, or sending out confidential tax information. According to new data from security vendor GreatHorn, in their 2021 Business Email Compromise Report, BEC is not just alive and well, but is changing from the traditional focus of solely using malwareless social engineering tactics.

Social Engineering Tactics

  • Spoofing – 71% of BEC attacks use a spoofed email account or website to establish credibility. This can be in the form of display name, a lookalike domain, or even a compromised account. Find out if you are vulnerable to this type of attack with an email spoof test.
  • Spear Phishing – 69% of BEC attacks utilize spear phishing, likely to increase their chances of reaching the right persons within an organization who have influence over money. According to the report, Finance is targeted 57% of the time, with CEOs next (22%) and IT third (20%). Our Free Phishing Security Test will show you what percentage of your employees are Phish-prone™.
  • Malware – 24% of BEC attacks still leverage malware as part of the attack. This one is interesting because it denotes the cybercriminals intent of gaining internal access, likely to gain elevated privileges and access financial applications to perform discovery (e.g., get the details on a big payment coming in and then defraud the company paying by using a second BEC attack on their finance people).

At the end of the day, Business Email Compromise (BEC) is nothing more than a targeted phishing attack using very specific social engineering tactics to gain the trust of the recipient to get them to engage in some financial transaction. According to the report, 71% of orgs feel their users are prepared to identify a phishing email, and yet 43% of the very same orgs said they experienced a security incident in the last 12 months.

Sounds like an opportunity for some better continual Security Awareness Training to keep those folks in Finance, the C-Suite, and IT (as well as everyone else in the organization) up to date on the latest BEC tactics and scams.

Live Demo: Identify and Respond to Email Threats Faster with PhishER

With only approximately 1 in 10 user-reported emails being verified as actually malicious, how do you not only handle the phishing attacks and threats—and just as importantly—effectively manage the other 90% of user-reported messages accurately and efficiently? PhishER.


To learn how, get a product demonstration of the new PhishER Security Orchestration, Automation and Response (SOAR) platform. In this live one-on-one demo we will show you how easy it is to identify and respond to email threats faster:

  • Automate prioritization of email messages by rules you set that categorize messages as Clean, Spam, or Threat
  • Augment your analysis and prioritization of messages with PhishML, a PhishER machine-learning module
  • Search, find, and remove email threats with PhishRIP, PhishER’s new email quarantine feature for Microsoft 365 and G Suite
  • NEW! Automatically flip active phishing attacks into safe simulated phishing campaigns with PhishFlip. You can even replace active phishing emails with safe look-alikes in your user’s inbox.
  • Easily integrate with KnowBe4's email add-in button, Phish Alert, or forwarding to a mailbox works too!

Request A Demo

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:


Subscribe to Our Blog

Comprehensive Anti-Phishing Guide

Get the latest about social engineering

Subscribe to CyberheistNews