
What is Business Email Compromise?

Business email compromise (or BEC) is a form of phishing attack in which a criminal targets a business in order to defraud it.

The criminals behind BEC send convincing-looking emails that might request unusual payments or contain links to 'dodgy' websites. Some emails may contain viruses disguised as harmless attachments, which are activated when opened.

Unlike standard phishing emails, which are sent out indiscriminately to millions of people, BEC attacks are crafted to appeal to specific individuals and can be even harder to detect. BEC is a threat to organisations of all sizes and across all sectors, including non-profit organisations and government.

Tell tale signs of phishing

Spotting a phishing email is becoming increasingly difficult, and a well-crafted one can trick even the most careful user. Having the confidence to ask 'is this genuine?' can be the difference between staying safe and a costly mishap.

How to spot signs of a phishing email/message:

  • Think about your usual working practices around financial transactions. If you get an email from an organisation you don't do business with, treat it with suspicion.

  • Look out for emails that appear to come from a high-ranking person within your organisation, requesting a payment to a particular account. Look at the sender's name and email address. Does it sound legitimate, or is it trying to mimic someone you know?

  • Ensure that all important email requests are verified using another method (such as SMS message, a phone call, logging into an account, or confirmation by post or in-person).

  • Does the email contain a veiled threat that asks you to act urgently? Be suspicious of words like 'send these details within 24 hours' or 'you have been a victim of crime, click here immediately'.

  • Some phishing emails try to look official by including logos and graphics. Is the design (and quality) what you'd expect?
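As an added example (not part of the original article), the checklist above expressed as a small Python check over a raw email: it flags a sender name that mimics a known colleague from the wrong address, an unfamiliar sender domain, a payment request, and urgent language. The domains, names, phrase lists and the sample message are constructed assumptions for illustration.

```python
import email
from email import policy
from email.utils import parseaddr

# Constructed reference data (assumptions for this example, not real organisations).
INTERNAL_DOMAIN = "example-company.test"
TRUSTED_DOMAINS = {INTERNAL_DOMAIN, "known-supplier.test"}
# Display names of senior staff a BEC email might mimic, mapped to their genuine address.
KNOWN_SENDERS = {"jane smith": "jane.smith@" + INTERNAL_DOMAIN}
URGENCY_PHRASES = ("within 24 hours", "immediately", "urgent", "click here")
PAYMENT_PHRASES = ("payment", "bank details", "account number", "invoice", "transfer")

def bec_indicators(raw_message: str) -> list[str]:
    """Return the article's warning signs found in one raw email (headers plus body)."""
    msg = email.message_from_string(raw_message, policy=policy.default)
    name, addr = parseaddr(msg.get("From", ""))
    domain = addr.rpartition("@")[2].lower()
    body_part = msg.get_body(preferencelist=("plain", "html"))
    body = body_part.get_content() if body_part else ""
    text = (msg.get("Subject", "") + " " + body).lower()
    findings = []
    # Sign: the display name mimics someone you know, but the address is not theirs.
    genuine = KNOWN_SENDERS.get(name.strip().lower())
    if genuine and addr.lower() != genuine:
        findings.append(f"'{name}' mimics {genuine} but the address is {addr}")
    # Sign: an organisation you do not normally do business with.
    if domain not in TRUSTED_DOMAINS:
        findings.append(f"sender domain {domain} is not a known business contact")
    # Sign: a request for a payment or bank details.
    if any(p in text for p in PAYMENT_PHRASES):
        findings.append("message requests a payment or bank details")
    # Sign: a veiled threat or pressure to act urgently.
    hits = [p for p in URGENCY_PHRASES if p in text]
    if hits:
        findings.append("urgent language: " + ", ".join(hits))
    return findings

# Constructed sample: an external look-alike domain, a payment request and a deadline.
SUSPICIOUS = """\
From: Jane Smith <jane.smith@example-company-mail.test>
To: finance@example-company.test
Subject: Urgent payment
Content-Type: text/plain; charset="utf-8"

Please transfer the invoice payment to the new account number below
within 24 hours. I am in meetings all day, so do not call me.
"""

if __name__ == "__main__":
    print(bec_indicators(SUSPICIOUS))
```

A message that trips several of these checks is exactly the kind the article says to verify by another channel before acting.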

If you start to receive phone calls from clients and customers saying you are sending strange emails, the likelihood is that someone is in your email account, and you need to take back control.

Firstly, log into your email account settings:

  • Check how many active sessions there are and sign out any that you don't recognise

  • Reset the password

  • Make two-factor authentication mandatory for new logins

  • Check for any new or unusual email rules that have been added

But don't forget: have you or your IT team worked out how the attackers got in?

The Cyber Resilience Centre for the South East can help with our Remote Vulnerability Assessment.

Whether you are a school, retail business, legal firm or construction company, if you use and are connected to the internet then you may well be exposed to vulnerabilities that you are not aware of. If your business is connected to the internet, this service can help you to identify weaknesses in that connection.

A remote vulnerability assessment is the digital version of a prospective burglar visiting your property to assess where your access points are. Instead of physically viewing your property, we can remotely look at your digital space to see where those points of entry would be for cyber criminals.

To identify where those access points are, we use the same toolsets and skillsets that hackers use to look at your business's network and infrastructure. This service also benefits from regional Police and National Cyber Security Centre intelligence to capture the very latest known threats and techniques used by cyber criminals.

Discover how our Remote Vulnerability Assessment could help secure your business.