Press Releases


Business Email Compromise (BEC) Attacks Rise in 75% of Industries According to Abnormal Security Research

Share via:

BEC Campaign Attack Volume Increases 15% in Q3 2020; Invoice and Payment Fraud Attacks Rise 155% Quarter-over-Quarter, Partially Fueled by Pandemic

SAN FRANCISCO — October 29, 2020 — Abnormal Security, a next-generation email security company, today released the Abnormal Security Quarterly BEC Report for Q3 2020. The research, which analyzes business email compromise attacks tracked by Abnormal from July-September 2020, found that BEC campaign volume increased 15% quarter-over-quarter, driven by an explosion in invoice and payment fraud.

“As the industry’s only measure of BEC attack volume by industry, our quarterly BEC research is important for CISOs to prepare and stay ahead of attackers,” said Evan Reiser, CEO of Abnormal Security. “Not only are BEC campaigns continuing to increase overall, they are rising in 75% of industries that we track. Since these attacks are targeted and sophisticated, these increases could indicate an ability for threat actors to scale that may overwhelm some businesses.”

For this research, Abnormal Security tracked BEC campaigns across eight major industries, including Retail/Consumer Goods & Manufacturing, Technology, Energy/Infrastructure, Services, Medical, Media/TV, Finance and Hospitality. During Q3, Abnormal found that BEC campaign volume increased in six out of eight industries, with Energy/Infrastructure seeing the highest jump of 93% from Q2 to Q3. Retail/Consumer Goods & Manufacturing, Technology and Media received the highest volume of attacks during the quarter.

Among the numerous categories of attacks that Abnormal Security prevents for its Fortune 500 clients, it uniquely stops two types of BEC attacks: social engineering BEC, with a goal to impersonate internal employees and VIPs or external partners, and invoice and payment fraud BEC attacks, with a goal of stealing money from companies. During Q3, attackers continued to focus primarily on invoice and payment fraud, which increased 155% from Q2 to Q3. This trend was particularly notable in Retail/Consumer Goods & Manufacturing.

Threat actors continue to target invoice and payment fraud BEC attacks at finance departments, which increased by 54% on average per week from Q2 to Q3. In addition, attackers shifted tactics by increasing email attacks to group mailboxes by 212%.

Additional findings from Abnormal’s Q3 BEC research:

  • While credential-phishing COVID-19 related attacks decreased by 82%, invoice and payment fraud that continues to leverage the fear, uncertainty and doubt of the pandemic increased by 81%.
  • The most impersonated brands returned to the pre-pandemic “normal,” as Zoom dropped away from the top spot, replaced by DHL and followed by Dropbox and Amazon. Rounding out the top five were iCloud and LinkedIn.

The Abnormal Quarterly BEC Report for Q3 2020 report is now available for download.

About Abnormal Security
Abnormal Security is a next-generation cloud email security company that protects organizations from advanced targeted attacks. The Abnormal Security platform stops targeted email attacks and detects compromised accounts through innovative AI that analyzes organizations from the inside out to get a deep understanding of the people in the enterprise, organizational processes and the extended supply chain. Abnormal Security is based in San Francisco, CA. More information is available at

Ted Weismann
fama PR for Abnormal Security
(617) 396-7740

See the Abnormal Solution to the Email Security Problem

Protect your organization from the full spectrum of email and collaboration application attacks with Abnormal.
See a Demo