top of page

Business Email Compromise (BEC) Attacks

Updated: Feb 22

When Business Email Compromise (BEC) attacks first began showing up as a problem a few years back, the FBI warned that the scam “relies on the oldest trick in the con artist's handbook: deception. The basic premise may not be very sophisticated, but it is very effective.


Since 2013, organized crime groups have targeted large and small companies and organizations in every U.S. state and more than 100 countries around the world—from non-profits and well-known corporations to churches and school systems. Losses are in the billions of dollars and still climbing.


In a 2019 Internet Crime Report, the FBI said it had recorded more than $1.7 billion in losses related to 23,775 BEC attacks. That was nearly half of all reported losses from cybercrime. And during the pandemic, cybercrimes like BEC increased even more.



person using a mobile device


How Do BEC Attacks Work?


The basic aim of BEC is to trick company employees using email into making sensitive information accessible. Examples of sources sought to compromise include:

  • Access to company finances.

  • Electronic transfers of funds into an account.

  • Ability to penetrate a company’s network.


Often, these attacks are accomplished through a combination spear-phishing with malware - and then carrying out surveillance on the organization and its senior executives. Then, at a time of their choosing based on knowledge of schedules and communication habits of executives, the criminals send phony emails purportedly from an executive to someone in finance, for example, requesting an immediate wire transfer.

The following are some tools used by cybercriminals to target and exploit their victims:


  • Spoofing e-mail accounts and websites: Slight variations on legitimate addresses e.g., john.kelly@abccompany.com vs. john.kelley@abccompany.com, can trick you into thinking fake accounts are authentic. The criminals then use a spoofing tool to direct e-mail responses to a different account that they control. You think you're corresponding with your manager, but your responses are redirected to the bad actor.

  • Spear-phishing: Bogus e-mails, believed to be from a trusted sender, prompt you to reveal confidential information to the BEC perpetrators.

  • Malware: Used to infiltrate company networks and gain access to legitimate e-mail threads about billing and invoices. That information is used to make sure the suspicions of an accountant or financial officer are not raised when a fraudulent wire transfer is requested. Malware also allows criminals undetected access to your data, including passwords and financial account information.



How Can You Prevent a BEC Attack?


One of the core features of the Gold Comet solution is “whitelisting.” Whitelisting is defined as the practice of allowing only explicitly identified entities access to a privilege, service, mobility, permission, or recognition, the reverse of which is blacklisting, which explicitly denies access.


As implemented within Gold Comet's platform, whitelisting is a process of controlling the accounts with whom you may share data and communicate and eliminates the risk of BEC attacks. If an email address is not whitelisted, emails are not delivered into the Gold Comet system, eliminating spam, spoofed email accounts, phishing (including spear-phishing), and malware.


bottom of page