BEC (Business Email Compromise)

Definition

Business Email Compromise (BEC) is a sophisticated fraud in which attackers compromise or impersonate a business email account to trick employees into making financial transactions or sharing sensitive information.

BEC attacks are particularly dangerous because they require no malware. Attackers compromise an email account or register a domain resembling the real one (typosquatting).
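
One way a mail gateway or triage script can flag the lookalike sender domains described above (an added example, not part of the original glossary entry). The trusted-domain list, the substitution table, the function names and the distance threshold of 2 are assumptions chosen for illustration.

```python
from email.utils import parseaddr

# Assumed allow-list (constructed): the organisation's own and supplier domains.
TRUSTED = {"example.com", "supplier.example"}
# Common visual substitutions used in lookalike domains (assumed, not exhaustive).
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("5", "s")]

def sender_domain(from_header: str) -> str:
    """Domain of the real address, ignoring any address typed into the display name."""
    addr = parseaddr(from_header)[1]
    return addr.rpartition("@")[2].lower().rstrip(".") if "@" in addr else ""

def skeleton(domain: str) -> str:
    """Collapse lookalike sequences so 'exarnple.com' compares equal to 'example.com'."""
    for fake, real in CONFUSABLES:
        domain = domain.replace(fake, real)
    return domain

def edit_distance(a: str, b: str) -> int:
    """Edits (insert, delete, substitute, swap adjacent) needed to turn a into b."""
    prev2, prev = [], list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # adjacent transposition
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def classify(from_header: str, trusted=TRUSTED, max_dist: int = 2):
    """Return ('trusted' | 'lookalike' | 'unrelated', matched trusted domain or None)."""
    dom = sender_domain(from_header)
    if dom in trusted:
        return ("trusted", dom)
    for t in sorted(trusted):
        if skeleton(dom) == skeleton(t) or edit_distance(dom, t) <= max_dist:
            return ("lookalike", t)
    return ("unrelated", None)

if __name__ == "__main__":
    # Constructed From headers.
    for h in ['Jane Doe <jane@example.com>', '"ceo@example.com" <ceo@exarnple.com>',
              'Billing <ap@exmaple.com>', 'News <news@unrelated.test>']:
        print(h, "->", classify(h))
```

A "lookalike" verdict is a signal for review, and very short trusted domains will produce false positives at this threshold. A message sent from a genuinely compromised account passes this check, so it covers only the impersonation variant.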

BEC caused over $2.9 billion in damage in 2023 (FBI IC3 Report).

Related terms

Phishing, Spear Phishing, MFA (Multi-Factor Authentication)