Business Email Compromise (BEC) Attacks Rise in 75% of Industries According to Abnormal Security Research

October 30, 2020

BEC Campaign Attack Volume Increases 15% in Q3 2020; Invoice and Payment Fraud Attacks Rise 155% Quarter-over-Quarter, Partially Fueled by Pandemic

SAN FRANCISCO — October 29, 2020 — Abnormal Security, a next-generation email security company, today released the Abnormal Security Quarterly BEC Report for Q3 2020. The research, which analyzes business email compromise attacks tracked by Abnormal from July-September 2020, found that BEC campaign volume increased 15% quarter-over-quarter, driven by an explosion in invoice and payment fraud.

“As the industry’s only measure of BEC attack volume by industry, our quarterly BEC research is important for CISOs to prepare and stay ahead of attackers,” said Evan Reiser, CEO of Abnormal Security. “Not only are BEC campaigns continuing to increase overall, they are rising in 75% of industries that we track. Since these attacks are targeted and sophisticated, these increases could indicate an ability for threat actors to scale that may overwhelm some businesses.”

For this research, Abnormal Security tracked BEC campaigns across eight major industries, including Retail/Consumer Goods & Manufacturing, Technology, Energy/Infrastructure, Services, Medical, Media/TV, Finance and Hospitality. During Q3, Abnormal found that BEC campaign volume increased in six out of eight industries, with Energy/Infrastructure seeing the highest jump of 93% from Q2 to Q3. Retail/Consumer Goods & Manufacturing, Technology and Media received the highest volume of attacks during the quarter.

Among the numerous categories of attacks that Abnormal Security prevents for its Fortune 500 clients, it uniquely stops two types of BEC attacks: social engineering BEC, with a goal to impersonate internal employees and VIPs or external partners, and invoice and payment fraud BEC attacks, with a goal of stealing money from companies. During Q3, attackers continued to focus primarily on invoice and payment fraud, which increased 155% from Q2 to Q3. This trend was particularly notable in Retail/Consumer Goods & Manufacturing.

Threat actors continue to target invoice and payment fraud BEC attacks at finance departments, which increased by 54% on average per week from Q2 to Q3. In addition, attackers shifted tactics by increasing email attacks to group mailboxes by 212%.

Additional findings from Abnormal’s Q3 BEC research:

  • While credential-phishing COVID-19 related attacks decreased by 82%, invoice and payment fraud that continues to leverage the fear, uncertainty and doubt of the pandemic increased by 81%.
  • The most impersonated brands returned to the pre-pandemic “normal,” as Zoom dropped away from the top spot, replaced by DHL and followed by Dropbox and Amazon. Rounding out the top five were iCloud and LinkedIn.

The Abnormal Quarterly BEC Report for Q3 2020 report is now available for download.

About Abnormal Security
Abnormal Security is a next-generation cloud email security company that protects organizations from advanced targeted attacks. The Abnormal Security platform stops targeted email attacks and detects compromised accounts through innovative AI that analyzes organizations from the inside out to get a deep understanding of the people in the enterprise, organizational processes and the extended supply chain. Abnormal Security is based in San Francisco, CA. More information is available at

Ted Weismann
fama PR for Abnormal Security
(617) 396-7740

Related News & Press

Usa daily post logo
On a recent Price of Business show, Host Kevin Price interviewed former FBI cyber security expert, Crane Hassold. Crane Hassold is considered the foremost mind in email attacks and serves as Director of Threat Intelligence at Abnormal Security, the leading cloud email security platform.
Read More
The register logo
This summer, Abnormal Security discovered that some of its customers' staff were receiving emails inviting them to install ransomware on a company computer in return for a $1m share of the "profits".
Read More
Digital anarchist logo
Adtech and email security? Abnormal Security CEO Evan Reiser will tell us all about it and how he hopes his company can help. Listen to the podcast to learn more.
Read More
Help net security logo
Abnormal Security announced the Abnormal Integrated Cloud Email Security (ICES) platform. Abnormal ICES is an all-in-one email security platform that provides precision against the full spectrum of email attacks.
Read More
Ciso talks podcast logo
In this episode of CISO Talks, we discuss the sheer amount of marketing noise filling the cyberspace. Buzzwords, acronyms and all sorts are being thrown around manically. A lot of organizations benefit from a marketing focus especially SMBs but this is often prioritized above the technology/product.
Read More
Aix outlook logo
Abnormal Security has announced its Integrated Cloud Email Security (ICES) platform. Unlike other email security platforms, Abnormal ICES provides a single, comprehensive solution for protecting against every kind of email attack. Together with Microsoft 365...
Read More
Cso logo
The damage from executive email account takeovers can run into millions of dollars, as recent examples show. In 2019, Toyota Boshoku Corporation lost $37 million after the information in a payment direction from a third-party was changed...
Read More
Symbol purple 02b
Abnormal Security today announced the Abnormal Integrated Cloud Email Security (ICES) platform. Abnormal ICES is the only all-in-one email security platform that provides unparalleled precision against the full spectrum of email attacks.
Read More
Cyber pro podcast logo
Mike shares his insights and experience on the role of the fundamentals of patch management and access management during these highly innovative times in technology.
Read More
Ciso talks podcast logo
In this episode of CISO Talks, we discuss the advantages of focusing on the problems in cybersecurity without any preconceptions and how this benefits the overall process. This episode is really insightful not just to anyone looking to join the cybersecurity space at any level.
Read More
Cbs chicago 2 logo
If your child’s school gets hacked and their personal information gets stolen, you might never hear about it. CBS 2 found one southwest suburban school district that was targeted.
Read More
Cso logo
Security startups are often innovation leaders that attempt to solve critical and persistent problems. These are some of the most interesting ones to watch as they tackle issues around multicloud security, identity management, zero-trust, and more.
Read More