
What is Business Email Compromise and How Can You Avoid It?

BEC is becoming more prevalent in Louisiana and we wanted to take a moment to explain exactly what it is and how you can avoid its perils.



Business email compromise (BEC) attacks are a form of cyber crime that uses email fraud against commercial, government and non-profit organizations to achieve a specific outcome that negatively impacts the target organization. More simply, bad guys send malicious email to unsuspecting businesses in an effort to steal or siphon off money or intellectual property.


To illustrate the gravity of BEC, here are some stats courtesy of Security Boulevard:

  • 65% of organizations fell victim to BEC attacks in 2020

  • The energy and infrastructure sector topped the 2020 list, accounting for 93% of attacks (looking at you, Oil & Gas!)

  • In 2020, the average cost per business email compromise attack increased from $54,000 in Q1 2020 to $80,183 in Q2

  • In 2020, 80% of firms experienced an increase in cyberattacks


Most often, these attacks run something like this. Cybercriminals will do research on your company to identify who's at the top of the totem pole and who pays the bills. These same criminals will then spoof an email from the president of the company, the CFO or the operations manager saying something like this: "Hey {Employee}, since the inside sales team did so well this year, I'd like for you to go out and purchase each of them an amazon gift card. Please make sure to send me a photo of each card so I can keep them for my records. Thanks!"


Another common version of business email compromise happens this way. Again, the cybercriminals will do a bunch of research on your firm to know who's who in the zoo, identify who's in accounts payable, and find a potential outside vendor with which the firm may be contracting. The bad guys will then spoof the vendor's accounts receivable email, sending a message to your firm's AP department. This message most often says something to the effect of, "Hey {Employee}, we've recently changed banks. For this invoice continue as normal, but for next month's invoice please reroute it to account number *12342321* and routing number *828192312*. Thanks!" The next thing your firm knows, you've just sent a $20k ACH payment straight to Russia...



How can you protect your firm?


As we always say, the best defense is a layered approach. What we mean by that is that you should have multiple failsafes in place to mitigate your risk. First and most important is to have a strong email filtering solution in place. Now, this casts a big net as far as the products and services that are out there today to provide this service. The best solutions out there are the ones that leverage deep learning and AI to scan each email for anomalous behaviors and characteristics such as suspect language and URLs. The next best layer for your approach is end-user training. I'm sure you've heard this hundreds of times, but according to IBM, user error is traceable to 95% of all cyberattacks.
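To show the kind of anomaly checks such a filtering layer applies to the two lures described above, here is a small Python screen added as an illustration; it is not S1 Technology's tooling or any vendor's product, and the internal domain, executive names and sample message are constructed.

```python
# Added example (not S1 Technology's code): flag inbound mail that shows the
# identity anomalies and lure language of the gift-card and bank-change BEC
# scenarios. Domain, executive names and the sample message are constructed.
import re
from email import message_from_string
from email.utils import parseaddr

INTERNAL_DOMAIN = "example-firm.test"            # assumed internal mail domain
EXECUTIVES = {"pat president", "chris cfo"}      # assumed leadership display names
LURES = {
    "gift_card": re.compile(r"gift\s*card|photo of each card", re.I),
    "bank_change": re.compile(r"changed banks|routing number|reroute", re.I),
}

def screen(raw: str) -> list[str]:
    """Return the reasons an inbound message looks like BEC (empty = no flags)."""
    msg = message_from_string(raw)
    name, addr = parseaddr(msg.get("From", ""))
    _, reply_to = parseaddr(msg.get("Reply-To", ""))
    sender_domain = addr.rsplit("@", 1)[-1].lower()
    reasons = []
    # An executive's display name on mail that did not come from our own domain
    if name.lower() in EXECUTIVES and sender_domain != INTERNAL_DOMAIN:
        reasons.append("executive display name from external domain")
    # Replies silently routed to an address other than the visible sender
    if reply_to and reply_to.lower() != addr.lower():
        reasons.append("reply-to differs from sender")
    # Lure language from the two scenarios in the post
    body = msg.get_payload()
    for lure, pattern in LURES.items():
        if pattern.search(body):
            reasons.append(f"lure: {lure}")
    return reasons

# Constructed sample mimicking the gift-card lure described above
GIFT_CARD_MSG = """From: Pat President <pat.president@freemail-lookalike.test>
Reply-To: ceo.office@freemail-lookalike.test
Subject: Quick favor

Hey Sam, since the inside sales team did so well this year, please
purchase each of them an amazon gift card and send me a photo of each
card for my records. Thanks!
"""

if __name__ == "__main__":
    print(screen(GIFT_CARD_MSG))
```

A message that trips only a lure pattern (for example a genuine vendor bank change) is not proof of fraud; it is the cue to verify the request out of band, by phone to a number already on file.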


If you'd like to explore your options or just want some free consulting, reach out to us at S1 Technology and we'll be happy to help you protect your business!