Home » Technology » What Is A BEC Scam? How Does It Happen?

What Is A BEC Scam? How Does It Happen?

Phishing attacks has become more common these days no matter in what form it is. Some of the common phishing attacks include CEO fraud, BEC scam, whaling, etc. BEC has cost several thousand dollars to major companies around the world and if you are also running a business, it is extremely important for you to know what is a BEC scam, how does it happen and how you can prevent it.

BEC scams are also known by the names of ceo fraud and Man in the email scam. In the last year major organizations like Facebook and Gmail was attacked with a BEC scam claiming to be an Asian supplier with a fraud of $100M. Think about it for a while, if such large organizations can be hit by a BEC scam, where does your business stand? Let us get to know a little more about this notorious BEC scam.

What Is A BEC Scam?

BEC stands for Business Email Compromise. It is a form of phishing attack in which a cybercriminal pretends to be a higher authority, like CEO, and trick an employee or customer to wire money to a specific account or to send sensitive information to the attacker. If the attackers impersonates a CEO, it is often termed as the CEO fraud as well.

Unlike phishing attacks which are produced in mass amount and often gets trapped in the spam filters of the email accounts, BEC attacks are highly focused and targeted to specific individuals. The cybercriminals do proper research by studying the social media accounts, read recent news, research employees, etc. in order to make the attacks as convincing as possible. Due to highly targeted approach, such scams slip through the email accounts’ spam filters and increase the chances of getting successful. The employees often fail to recognize that the email is not legitimate.

How Does It Happen?

BEC scam always starts with an investigation as the cybercriminal learns about his target. They get to know even the minor details of their victim, how the organization is structured and who to target in order to maximize the chances of getting successful. The attackers also compromise the email account of employees in order to get more in-depth information about him. They formulate an email message which will be the most convincing.

BEC scams often happen in three forms, either the email looks like coming from a company executive or from a business partner, or from a business attorney.