What is Business Email Compromise?

Business email compromise (BEC) is a form of phishing that occurs when a cybercriminal impersonates a legitimate source to trick employees into wiring money, sharing sensitive information, or engaging in other compromising activities. Typically, the cybercriminals behind a BEC attack will send a legitimate-looking email requesting payment for a business purpose. In such instances, cybercriminals may pretend to be senior-level employees, suppliers, vendors, business partners, or other organizations.

Unlike more traditional phishing attacks that target a large group of individuals, BEC attacks are crafted to appeal to specific individuals – making them harder to detect and potentially more damaging. BEC is a threat that all businesses, regardless of size or industry, should take seriously.

Common BEC Attacks: 

Signs of BEC Attack 

Differentiating between legitimate business requests and BEC attacks can be difficult.

Here are some signs that an email is a BEC attack.

Protecting Against BEC 

BEC attacks can result in severe financial and reputational harm. Consider implementing the following cybersecurity practices to help reduce the risk for your organization.


VANTREO is here to help. For more cybersecurity and insurance guidance, contact us today. Just reply here.