chat
expand_more

2023 Verizon Data Breach Investigations Report Recap: Socially-Engineered BEC Attacks Doubled Over the Past Year

Discover the biggest takeaways about business email compromise and social engineering from the 2023 Verizon Data Breach Investigations Report (DBIR).
June 7, 2023

Business email compromise (BEC) continues to be a major security threat to organizations, with a reported loss of $2.7 billion in 2022 alone. This type of cybercrime happens when a threat actor impersonates a reliable source, usually an executive, colleague, supplier, or partner, in order to steal money or sensitive information. As these emails usually lack malicious links or attachments, they are hard to identify with traditional email security measures, making companies vulnerable to attack.

Socially-engineered BEC attacks, specifically, have seen a startling increase over the past few years. This trend is illustrated by Verizon’s 2023 Data Breach Investigations Report, which shows that BEC attacks have doubled over the past year—comprising nearly 60% of social engineering incidents. The report is based on an analysis of 16,312 security incidents and 5,199 breaches over the past year.

Here are just a few of the highlights surrounding BEC and social engineering as discovered by Verizon’s DBIR team.

Socially-Engineered BEC Attacks Are Increasing

Rather than relying on malicious software, social engineering attacks use deception and human interaction to gain access to confidential information and systems. Threat actors use false pretexts and manufactured urgency or implicit trust in an attempt to manipulate employees into taking an action or divulging sensitive data.

Social engineering incidents have increased dramatically year over year, primarily due to pretexting—a deception method commonly used in BEC attacks—in which a threat actor will create a false narrative (or pretext) to gain the trust of a person and persuade them into revealing confidential information, downloading malicious software, or sending fraudulent payments.

Verizon reports that BEC attacks have doubled since 2022 and the median amount stolen from these attacks is now more than $50,000. This is likely a result of previous success. Because traditional secure email gateways have trouble identifying and blocking these emails, cybercriminals are seeing success and thus doubling down on what is already working for them.

BEC attacks have nearly doubled since 2022, making up more than 50% of pretexting incidents.

Verizon1

2023 Verizon Data Breach Investigations Report

Attackers Continue to Prey on the Human Element

When it comes to email threats, your workforce is your biggest liability. While employees must be accurate 100% of the time in identifying attacks, cybercriminals only need to find one distracted or untrained employee and they understand this. The vast majority of data breaches occurring since 2021 have involved the human element in some form or another—human error, privilege misuse, use of stolen credentials, or social engineering. According to Verizon’s DBIR team, 74% of all breaches include the human element.

Recent Abnormal data confirms Verizon's findings. In 2022, the average open rate of text-based business email compromise (BEC) attacks was 28% and approximately 15% of the malicious emails that were read were replied to. That means that over a quarter of all attacks that make it to the inbox are actually read—making it more important than ever to block attacks before they reach your end users.

74% of all breaches include the human element.

Verizon2

2023 Verizon Data Breach Investigations Report

Most Attackers Gain Access by Exploiting Stolen Credentials

Cybercriminals often rely on using stolen credentials and take advantage of known vulnerabilities to gain access to a company's network. Once they have a foothold, they are then able to access emails, steal code from repositories, and more. Although these measures may not be particularly complex, they are still highly effective—as evidenced by the steady presence of these types of attacks. This highlights the importance of implementing security measures such as multifactor authentication and patch management, as well as understanding your security posture across your email and email-like applications.

The three primary ways in which attackers access an organization are stolen credentials, phishing, and exploitation of vulnerabilities.

Verizon3

A Modern Solution to Prevent Socially-Engineered Attacks

As the data from the Verizon DBIR indicates, these attacks are becoming increasingly successful in taking advantage of existing relationships between the victim and their executives, coworkers, and partners. The rise in both volume and success shows how traditional email security tools are unable to detect and prevent these attacks, and that a more modern solution is needed.

Stopping BEC requires implementing a solution that can detect and interpret the thousands of signals available via an API, and then monitor them for key deviations from known-good behavior. Because these attacks have few indicators of compromise, like a malicious attachment or known bad domain, email security must shift to understand normal behavior and use that baseline to detect anomalous activity. After all, the focus on the human element shows that it’s only by stopping BEC attacks from reaching inboxes can we ensure our organizations remain secure.

Abnormal Security offers the leading behavioral AI-powered security platform utilizing machine learning to stop sophisticated inbound email threats like BEC and risky email platform attacks that evade traditional solutions. Our anomaly detection engine has the ability to combat social engineering attacks by comprehending identity and context to evaluate the danger of every cloud email occurrence, blocking inbound email threats, spotting compromised accounts, and handling emails in a flash – all while providing visibility into configuration changes in your environment.

Interested in learning more about how Abnormal can protect you from advanced attacks?

Schedule a Demo
2023 Verizon Data Breach Investigations Report Recap: Socially-Engineered BEC Attacks Doubled Over the Past Year

See Abnormal in Action

Get a Demo

Get the Latest Email Security Insights

Subscribe to our newsletter to receive updates on the latest attacks and new trends in the email threat landscape.

Get AI Protection for Your Human Interactions

Protect your organization from socially-engineered email attacks that target human behavior.
Request a Demo
Request a Demo

Related Posts

B Offensive AI 12 16 24
Learn how AI is used in cybersecurity, what defensive AI vs. offensive AI means, and how to use defensive AI to combat offensive AI.
Read More
B Proofpoint Customer Story Blog 7
See how Abnormal's AI helped a Fortune 500 insurance provider detect 27,847 threats missed by Proofpoint and save 6,600+ hours in employee productivity.
Read More
B Cyberattack Forecast Emerging Threats Blog
Uncover the latest email threats and strategies to strengthen your cybersecurity and prepare for 2025.
Read More
B How Phishing Kits Work Blog
Learn how phishing kits provide pre-packaged tools for stealing credentials, bypassing MFA, and targeting platforms like Gmail and Microsoft 365.
Read More
ABN Innovate Blog 1 L1 R1
Join Abnormal Security for a one-day virtual conference featuring the best insights from cybersecurity experts and AI leaders.
Read More
B Partners2024
Discover how strategic investments, global collaboration, and cutting-edge initiatives have empowered our partners to thrive and set the stage for even greater success in 2025.
Read More