Business email compromise (or BEC) is a form of phishing attack where a criminal attempts to trick a senior executive (or budget holder) into transferring funds, or revealing sensitive information.
The criminals behind BEC send convincing-looking emails that might request unusual payments, or contain links to ‘dodgy’ websites. Some emails may contain viruses disguised as harmless attachments, which are activated when opened.
Unlike standard phishing emails that are sent out indiscriminately to millions of people, BEC attacks are crafted to appeal to specific individuals, and can be even harder to detect. BEC is a threat to all organisations of all sizes and across all sectors, including non-profit organisations and government.