// THREAT DETECTION AND DATA PRIVACY TERM
Business Email Compromise
A scam where attackers impersonate a company executive or trusted partner via email to trick an employee into making unauthorized wire transfers or revealing sensitive information. This attack relies on social engineering rather than malicious links or attachments.

TECHNICAL DEFINITION
Business Email Compromise (BEC) is a sophisticated social engineering attack where a threat actor impersonates a trusted entity, such as a CEO or vendor, using spoofed or compromised email accounts to induce a victim into performing a fraudulent wire transfer or exfiltrating sensitive corporate data, often resulting in significant financial loss.
BACKGROUND
Computer security is a subdiscipline within the field of information security. It focuses on protecting computer software, systems, and networks from threats that can lead to unauthorized information disclosure, theft, or damage to hardware, software, or data, as well as to the disruption or misdirection of the services they provide.
SYNONYMS & ALIASES
- CEO Fraud
- Email Account Compromise (EAC)
- Man-in-the-Email (MITO)
- Vendor Email Compromise (VEC)
- Wire Transfer Fraud
- Invoice Phishing
USAGE NOTE
BEC is often discussed in the context of financial fraud controls and employee security awareness training, as it bypasses many traditional technical defenses.
DEVELOPERS
Organizations developing technology related to Business Email Compromise.
An AI-native cloud email security platform that uses behavioral AI to model the identity of both internal and external senders, detecting and blocking business email compromise and other socially-engineered attacks.
A leading cybersecurity company providing a comprehensive suite of email security solutions. Their technology specifically targets BEC by using advanced machine learning, sender reputation analysis, and threat intelligence to detect and quarantine impersonation and supplier fraud emails.
A cloud-based email security provider whose Targeted Threat Protection service is designed to defend against BEC. It uses multiple detection engines, including impersonation detection, domain similarity checks, and content analysis to identify suspicious emails.
A pioneer in email identity authentication and a key contributor to the DMARC standard. Agari's technology, now part of Fortinet's portfolio, uses machine learning to model trusted email behaviors and identities to protect against advanced identity deception tactics common in BEC attacks.
Through Microsoft Defender for Office 365, Microsoft provides native protection against BEC for its massive user base. The service uses AI-powered impersonation detection, anti-phishing policies, and machine learning models to identify and block sophisticated email threats.
A company focused on 'Human Layer Security' that uses machine learning to understand normal email communication patterns and behaviors. It detects and prevents BEC attacks by flagging anomalous emails that deviate from established relationships and content norms.
Offers a multi-layered email protection platform. Its Barracuda Sentinel product leverages an AI engine that integrates directly with Microsoft 365 to learn unique communication patterns and detect BEC, account takeover, and spear phishing in real time.
A cloud-native email security solution, acquired by Cloudflare, that takes a preemptive approach to stopping BEC and phishing. It actively crawls the internet to discover attacker infrastructure and campaigns at their earliest stages, blocking them before they can reach inboxes.