Business email compromise (BEC) is one of the most insidious and financially damaging online crimes, scamming roughly three times as many organizations as malware and slightly more than spear phishing, a new study said.
In a BEC scam, hackers send an email message that impersonates a known source making a legitimate request, such as a recognizable vendor sending an invoice with a new address. C-suite occupants are the favored targets but any employee can be tripped up by the ruse.
What makes BEC attacks so successful is the availability of basic personal information online that can be used against an employee to steal credentials for access to private data, said GreatHorn, a cloud email security provider, in its newly released 2021 Business Email Security Landscape Report based on information provided by 270 IT and cybersecurity professionals.
Business Email Compromise (BEC): More Research Findings