Business email compromise, or BEC, is a category of insidious email attacks that can fool security systems and end users. BEC attacks rely on social engineering and impersonation tactics and are often text-based, making them difficult to detect by legacy security systems. A seemingly normal request from a trusted contact for an invoice payment or file transfer can lead to a seven-figure financial loss for an enterprise.
Simply put, BEC is a problem because it works. It’s been the most expensive cyberattack for seven years in a row, according to the FBI Internet Crime Report. The findings show that BEC attacks cost organizations nearly $2.4 billion last year alone, making up 35% of all cybercrime losses.