Business Email Compromise

Business Email Compromise (BEC) continues to deceive people into believing they are interacting with a trusted sender. Unfortunately, by gaining trust, the cybercriminal can transfer funds to their accounts, gain access to sensitive data, or other ill-intended actions with great success.

Overview

BEC attacks are cunning and when combined with human error, are so successful the FBI labeled them “one of the most financially damaging online crimes.” Traditional email security practices of focusing on content and infrastructure analysis will not work against BEC. Dive deeper into the anatomy of BEC and how to successfully minimize the sophisticated threat.

Request a Demo

Take Our Email Assessment

Stages of a BEC Attack

Business Email Compromise comes in many forms. These are sham security alerts, last-minute payment requests, bogus past-due statements, fraudulent wiring instructions, and more. BEC and phishing scams continue to be the primary attack vectors into organizations—and in 2021 alone, over $44 million in losses were a direct result of successful phishing campaigns and social engineering scams.

PHASE 1: Preparation

Build Target List

Cybercriminals start by building a target list, often using business contact databases, mining LinkedIn profiles, and even scouring the target's website to identify key individuals and relationships.

PHASE 2: Execution

Launch Attack

Attackers launch BEC campaigns, sending email to their targeted list. BEC attacks have no malicious payload and will use impersonation tactics like display name deception, spoofing, or lookalike domains to compromise your account.

PHASE 3: Deception

Apply Social Engineering

To convince the victim to take action, attackers impersonate people of authority, such as the CEO or CFO, and express urgency within the request.

PHASE 4: Action

Reap Rewards

With trust, authority and urgency established, the victim proceeds with the request. Unfortunately, the results can end with great financial loss or a colossal data breach.

How Fortra Defends Against Business Email Compromise

Modeling Sender Trust & Email Authenticity

Focusing on content and infrastructure analysis doesn’t work against BEC, since no malicious payloads are used and they can be launched via reputable email services.

Agari carefully inspects each incoming email, analyzing the human relationships and behaviors. By understanding the identities behind the message, Agari spots the anomalous BEC behaviors preventing the attack from reaching the inbox.

Request Demo

Automated Partner & Supplier Fraud Prevention

Cybercriminals often pose as a trusted supplier or partner in order to conduct invoice fraud, real estate scams, or other common BEC attacks.

Agari uses a collection of machine learning models to evaluate relationships and behavioral patterns between individuals, brands, vendors, and domains using hundreds of characteristics to detect malicious emails. These capabilities allow you to detect when internal email accounts start behaving abnormally. This hands-free approach protects your employees from the modern attacks of today and those we anticipate through predictive insights into the future.

Prevent BEC Attacks with Advanced Features

Advanced Email Authentication

Agari DMARC Protection enables administrators to prevent hackers from hijacking domains for email spoofing, executive impersonation, and spear phishing attacks. Without DMARC, organizations are risking years’ worth of hard work by their email administrators and SOC teams.

Real-Time Threat Detection

Agari uses advanced machine learning algorithms to analyze email behavior in real-time and detect anomalies that may indicate a BEC attack. This machine learning allows Agari to uniquely learn sender-receiver relationships to model “the good” and quickly detect “the bad.”

Automatic Incident Response

Agari can automatically respond to BEC attacks by quarantining suspicious emails, blocking malicious domains and IP addresses, and alerting administrators of the incident.

Collaboration and Intelligence

BEC attacks are constantly evolving within the business and individual user environments, so it’s not enough to keep up with the latest malicious tactics—you need to stay one step ahead of threat actors.

Agari detects threats and prevents the latest BEC tactics, including display name deception, spoofing, and lookalike domains. In addition, Agari baits cybercriminals into giving up unique insights to ensure that our customers are protected from future attacks.

Intel based on collection and analysis of threats happening not only in your organization, but from a host of global enterprises compromised of millions of users.
Proactively monitor for lookalike domain registrations created with the intent to prey on employee inboxes.
Extensive network of registrar partners to automate killswitches removing threats quickly

Business Email Compromise Solutions

Protect Your Organization from Costly Advanced Email Attacks

Agari Phishing Defense

Stop sophisticated identity deception threats, including business email compromise, executive spoofing, and account takeover-based attacks.

Agari Phishing Response

Accelerate phishing incident triage, forensics, remediation, and breach containment for the Security Operations Center (SOC).

Agari DMARC Protection

Agari DMARC Protection - Enable administrators to prevent hackers from hijacking your domains for email spoofing, executive impersonation, and spear phishing attacks.

Cybersecurity Training

Effective, scalable email training can promote safe email behaviors and inform users of risks thereby helping to prevent cybercriminals from succeeding.

Suspicious Email Analysis

Fortra's PhishLabs allow email users to identify threats lurking in their inboxes to relay intel to their organizations. Better reports lead to further strengthening of digital risk protections.

Secure Email Gateway

Fortra's Clearswift offers a unique and effective layer of real-time, signature-less inspection to detect and sanitize evasive threats, delivering highly secure email without delays.

REQUEST A DEMO

The biggest benefit we got from deploying the Agari solution was visibility. We got visibility into the attack space and into how inconsistent some of our enterprise controls were applied.

Bill Burns, Chief Trust Officer, Informatica

FAQ

What Is Business Email Compromise?

Business Email Compromise (BEC) is a form of phishing that involves social engineering to masquerade as executives or others to deceive people into believing they’re interacting with a trusted sender.

What Is the Main Goal of Business Email Compromise?

By gaining trust, the cybercriminal can have money sent to their accounts, gain access to sensitive data, or other ill-intended actions. Unlike suspicious emails and links, BEC are more sophisticated and therefore better at tricking recipients into believing the communication is from a trusted individual.

Business Email Compromise Examples

BEC targets can be Fortune 500 companies, charities, or even government. Here are two costly BEC examples.

The finance director of Puerto Rico’s Industrial Development Company was tricked into transferring more than $2.6 million when he received an account impersonation email appearing to be from the Puerto Rico Employment Retirement System. The email stated that there had been an update to the payment methods. Fortunately, the funds were recovered with the help of the FBI.

Another example involves CEO fraud in which cybercriminals impersonated executives at food companies convincing suppliers to ship thousands of dollars of powdered milk to the criminals. This prompted US federal agencies to warn organizations to take the proper precautions to “protect their brand and reputation.”