Identifying and Addressing BEC and Wire Fraud Attacks

Formerly known as the “man in the email attack,” business email compromise (BEC) is a scam in which an attacker takes control of a senior employee’s email account, or even a trusted vendor’s email account, with the goal of ordering unauthorized financial transfers. It differs from classic phishing campaigns because it targets one specific individual and is highly personalized.

Many BEC attacks request wire transfers because, most of the time, wires cannot be cancelled, but attackers can also target payments sent by ACH and Bill Pay. For example, a hacker looks for sensitive information related to the CEO or vendor contact of a specific company and uses it to gain control of that person’s email account. From that account, the hacker searches for an invoice that is due soon and, once he finds one, sends a request to the finance department, claiming that it is urgent and that the bank account information for that payment has changed.
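A finance-side check for the request pattern described above, as an added example that is not part of the original article. Because the message comes from the real, compromised mailbox, sender authentication passes, so the check compares the requested account with the one on file and looks for change and urgency wording. The vendor master, account numbers, keyword lists and messages are constructed assumptions.

```python
import re

# Constructed vendor master: vendor id -> bank account number on file.
VENDOR_MASTER = {"V-1001": "123456789012"}

# Assumed keyword lists; tune them to your own mail and languages.
URGENCY = re.compile(r"\b(urgent|immediately|asap|today|right away)\b", re.I)
CHANGE = re.compile(r"\b(chang\w*|new|updat\w*|different)\b", re.I)
BANK = re.compile(r"\b(bank|account|routing|iban)\b", re.I)
ACCOUNT = re.compile(r"\b\d{8,17}\b")  # bare account-number-like digit runs


def review_payment_request(vendor_id, body, master=VENDOR_MASTER):
    """Return (hold, reasons) for one payment e-mail.

    hold=True means: do not pay until the vendor confirms the details
    through a phone number already on file, not one taken from the e-mail.
    """
    reasons = []
    on_file = master.get(vendor_id)  # None for an unknown vendor
    accounts = set(ACCOUNT.findall(body))
    # An account number is quoted and none of them is the one on file.
    if accounts and on_file not in accounts:
        reasons.append("account_not_on_file")
    # Wording that announces changed banking details.
    if CHANGE.search(body) and BANK.search(body):
        reasons.append("bank_change_language")
    # Urgency alone does not hold a payment, but it is recorded.
    if URGENCY.search(body):
        reasons.append("urgency")
    hold = bool({"account_not_on_file", "bank_change_language"} & set(reasons))
    return hold, reasons


# Constructed sample messages.
SUSPICIOUS = ("Hi, this is urgent. Our bank account has changed, please wire "
              "invoice 4471 to account 998877665544 today.")
ROUTINE = ("Please find invoice 4472 attached. Pay to account 123456789012 "
           "as on file; due in 30 days.")

if __name__ == "__main__":
    for label, body in (("suspicious", SUSPICIOUS), ("routine", ROUTINE)):
        print(label, review_payment_request("V-1001", body))
```

A hold from this check is a trigger for out-of-band verification with the vendor, not a verdict on the message.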

