Shape your 2025 cyber GRC strategy with a complimentary Gartner report
Download Now
Looking to streamline your TPRM? Join our Product Deep Dive Webinar with live Q&A!
Register Now
Cyber Security Terms
Business Email Compromise (BEC)
BlogBreachesResourcesNews
Cyber Security Terms

Business Email Compromise (BEC)

Catherine Chipeta
Catherine Chipeta
updated Sep 11, 2022
Contents

Business Email Compromise (BEC)

Business email compromise (BEC) is a type of email scam where cybercriminals scam organizations through social engineering techniques. BEC is also referred to as email account compromise (EAC) or ‘man-in-the-email’ scamming.

How Does Business Email Compromise Work?

Cybercriminals usually carry out BEC scams by directly hacking an employee's email account, e.g. with a keylogger, or by undertaking a social engineering scheme, like spear phishing, to pose as an employee.

The cybercriminal impersonates the legitimate business email account holder in their email correspondence to lure unsuspecting employees into compromising sensitive data

How Do You Prevent Business Email Compromise?

There are a number of techniques organizations can use to help prevent BEC, such as:

Key takeaways

  • Check icon
    BEC is currently the #1 digital crime in terms of financial loss.
  • Check icon
    Cybercriminals can either hack accounts directly or use spoofed email addresses to conduct BEC scams.
  • Check icon
    Organizations should contact their financial provider immediately if any fraudulent transactions occur.
  • Check icon
  • Check icon
Reviewed by
No items found.
Author
Catherine Chipeta
Catherine Chipeta
Reviewed by
Axel Sukianto
Axel Sukianto
Join 27,000+ cybersecurity newsletter subscribers

Read more about Business Email Compromise

Learn more about Business Email Compromise (BEC) and the latest issues in cybersecurity.
UpGuard logo
What is Business Email Compromise (BEC)? And How To Prevent It
Abstract image background

What is Business Email Compromise (BEC)? And How To Prevent It

Business email compromise (BEC) occurs when cybercriminals scam organizations of sensitive data via email. Learn prevention technqiues.
Catherine Chipeta
Catherine Chipeta
November 18, 2024
View all blog posts
UpGuard customer support teamUpGuard customer support teamUpGuard customer support team

See UpGuard In Action

Book a free, personalized onboarding call with one of our cybersecurity experts.
Contact sales
Free demo

More from our blog

Learn more about the latest issues in cybersecurity.
UpGuard logo
The Top Cybersecurity Websites and Blogs of 2024
Abstract image background

The Top Cybersecurity Websites and Blogs of 2024

This is a complete guide to the best cybersecurity and information security websites and blogs. Learn where CISOs and senior management stay up to date.
Abi Tyas Tunggal
Abi Tyas Tunggal
November 18, 2024
UpGuard logo
14 Cybersecurity Metrics + KPIs You Must Track in 2024
Abstract image background

14 Cybersecurity Metrics + KPIs You Must Track in 2024

Cybersecurity metrics and key performance indicators (KPIs) are an effective way to measure the success of your cybersecurity program.
Abi Tyas Tunggal
Abi Tyas Tunggal
November 26, 2024
UpGuard logo
What are Security Ratings? Cybersecurity Risk Scoring Explained
Abstract image background

What are Security Ratings? Cybersecurity Risk Scoring Explained

This is a complete guide to security ratings and common use cases. Learn why security and risk management teams have adopted security ratings in this post.
Abi Tyas Tunggal
Abi Tyas Tunggal
November 18, 2024
UpGuard logo
How to Manage Third-Party Risk in a World of Breaches
Abstract image background

How to Manage Third-Party Risk in a World of Breaches

A comprehensive overview for managing third-party risk. Learn about common causes of third-party risks and how to mitigate them in this post.
Abi Tyas Tunggal
Abi Tyas Tunggal
November 18, 2024
UpGuard logo
How to Prevent Data Breaches in 2024 (Highly Effective Strategy)
Abstract image background

How to Prevent Data Breaches in 2024 (Highly Effective Strategy)

Learn how to implement an effective security control strategy for defending against data breaches in 2023
Edward Kost
Edward Kost
November 18, 2024
UpGuard logo
Why is Cybersecurity Important?
Abstract image background

Why is Cybersecurity Important?

If your business isn't concerned about cybersecurity, it's only a matter of time before you're an attack victim. Learn why cybersecurity is important.
Abi Tyas Tunggal
Abi Tyas Tunggal
November 18, 2024
View all blog posts
Deliver icon

Sign up for our newsletter

Stay up-to-date on everything UpGuard with our monthly newsletter, full of product updates, company highlights, free cybersecurity resources, and more.
Free instant security score

How secure is your organization?

Request a free cybersecurity report to discover key risks on your website, email, network, and brand.
  • Check icon
    Instant insights you can act on immediately
  • Check icon
    Hundreds of risk factors including email security, SSL, DNS health, open ports and common vulnerabilities
Free score
Website Security scan resultsWebsite Security scan rating
UpGuard logo
UpGuard is a complete third-party risk and attack surface management platform.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Products
Tools
Company
Insights
Products
Compare
Solutions
Company
Insights
© UpGuard, Inc.
Research GuidelinesPlatform Terms & ConditionsWebsite Terms & ConditionsPrivacyCookies