What is BEC?

BEC, or Business Email Compromise, is a type of cybercrime in which a hacker or group of hackers gain access to a company’s email accounts and use them to send fraudulent emails or redirect legitimate emails to steal money or sensitive information.

The FBI has a dedicated task force called the Internet Crime Complaint Center (IC3) that investigates and responds to reports of BEC and other forms of internet crime. The IC3 works closely with other law enforcement agencies and private sector partners to identify and track down BEC perpetrators and prevent future attacks.

Business Email Compromise (BEC) is one of the top methods bad actors use to compromise businesses. BEC involves a hacker or group of hackers gaining access to a company’s email accounts and using them to send fraudulent emails or redirect legitimate emails to steal money or sensitive information.

Other standard methods that bad actors use to compromise businesses include:

• Phishing attacks involve sending fake emails that appear to be from a legitimate source to trick the recipient into clicking on a link or providing sensitive information.
• Malware attacks involve infecting a computer or network with malicious software stealing sensitive data, or disrupting operations.
• Ransomware attacks involve encrypting a company’s data and demanding a ransom in exchange for the decryption key.
• Insider threats involve employees or contractors with access to sensitive information who misuse that access for personal gain or to harm the company.

It is essential for businesses to be aware of these threats and to implement strong security measures to protect themselves.

Awareness can include:

• Educating employees about cyber threats.
• Implementing strong passwords and two-factor authentication.
• Regularly updating software and security systems.