6 Types of BEC Scams and 4 Ways to Protect Your Business

What Are Business Email Compromise (BEC) Scams? 

Business Email Compromise (BEC) scams are a form of cybercrime where fraudsters impersonate high-ranking executives or trusted business partners with the aim of tricking employees, customers, or vendors into transferring money or sensitive information. This type of scam is often sophisticated and well-researched, making it a formidable threat to businesses of all sizes.

The modus operandi of BEC scams involves compromising legitimate business email accounts through social engineering or computer intrusion techniques to initiate unauthorized transfers of funds. The scam can be incredibly damaging, with businesses potentially losing millions of dollars. Unfortunately, due to the clever disguise of the fraudsters and the use of legitimate email addresses, BEC scams can be difficult to detect and prevent.

BEC scams are a growing threat to businesses worldwide. According to the FBI, BEC scams have resulted in losses of over $51 billion over the past decade. The threat is pervasive and ever-evolving, with fraudsters continually refining their techniques to bypass security measures. Therefore, it’s crucial for businesses to understand the different types of BEC scams and how they operate to better protect themselves.

6 Types of BEC Attack Scams 

1. CEO Fraud

CEO fraud, also known as “Whaling,” is a type of BEC scam where the attacker impersonates the CEO or another high-ranking executive within a company. The fraudster will typically send an email to a lower-level employee, often in the finance department, requesting an urgent wire transfer or sensitive information.

The email will appear to come from the executive’s actual email address, and the language used will often mimic the executive’s typical writing style. This type of scam is particularly effective because employees are less likely to question a request coming from their superior. Furthermore, the urgency and confidentiality often stressed in these emails discourage the targeted employee from verifying the request through other channels.

2. Thread Hijacking

Thread hijacking involves the fraudster infiltrating an existing email thread to divert payments or steal information. After gaining access to an email account, the fraudster will monitor the email conversations and wait for the right opportunity to intervene.

This type of scam is particularly difficult to detect since the scammer is participating in legitimate email threads. The scam can lead to significant financial losses and can also damage a company’s relationships with its clients or suppliers.

3. Invoice or Supplier Swindle

In the invoice or supplier swindle, fraudsters impersonate a vendor or supplier and send a fake invoice to a company. The invoice will look legitimate and request payment to a new bank account. This type of scam often involves substantial research on the part of the fraudster, as they need to know the details of the supplier and the typical amounts of invoices.

An invoice swindle scam often targets businesses with foreign suppliers, as the change in payment details can be explained by various plausible reasons, such as changes in international banking regulations or supplier banking details. This type of BEC scam can lead to substantial financial losses if the company unknowingly pays the fraudulent invoice.

4. Account Compromise

In an account compromise attack, the attacker gains access to a corporate email account and uses it to request invoice payments to vendors listed in the email contacts. The money is then transferred to a bank account controlled by the fraudster.

These types of scams can be particularly damaging as the fraudster has control over a legitimate business email account, making the scam difficult to detect. Furthermore, the fraudster can continue to operate the scam until the account compromise is discovered and access is revoked.

5. Attorney Impersonation

In the attorney impersonation scam, fraudsters pose as a lawyer or legal representative associated with the company. They typically contact employees via email or phone, often with an urgent, confidential matter that requires immediate financial action.

The fraudster will create a sense of urgency and secrecy, often claiming that the matter pertains to a critical business deal, litigation, or regulatory issue. This type of scam often targets senior executives and is conducted at the end of the business day or work week to limit verification opportunities.

6. Data Theft

In a data theft BEC scam, fraudsters target employees who have access to sensitive data. The attacker impersonates a high-ranking executive or manager and requests sensitive information, such as employee tax information, customer data, or corporate intellectual property.

The data is then used for various other cybercrimes, such as identity theft, corporate espionage, or further BEC scams. This type of BEC scam is particularly harmful to a company’s reputation and can lead to significant fines if customer data is compromised.

Tal Zamir

How to Identify BEC Scams 

Unexpected Requests

One of the most common characteristics of Business Email Compromise (BEC) Scams is unexpected requests. The scammer might send an email impersonating a senior executive, a trusted supplier, or even a known customer, asking you to perform a task outside your typical duties. This might include transferring funds to an unknown account, purchasing gift cards, or providing sensitive data. Always be cautious of such unusual requests, particularly if they involve financial transactions or sensitive data.

Urgency and Pressure

Scammers often create a sense of urgency to pressure you into complying with their requests without questioning them. They might claim that the matter is highly confidential or critical to the company’s operations, preventing you from discussing it with your colleagues or superiors. Such urgency and pressure tactics are red flags indicating a potential BEC scam. It’s crucial to remain calm and take the time to verify the request’s legitimacy, no matter how urgent it seems.

Odd Email Addresses

Scammers frequently use email addresses that resemble those of your colleagues or business partners, but with slight alterations that are easy to overlook. For example, they might replace a letter with a number or add an extra character. Always double-check the sender’s email address, especially if you receive a suspicious or unexpected request. Look for any deviations from the authentic email address, regardless of how minor they might seem.
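The checks described above can be automated on the receiving side. The following is an added example (not code from the original article or from Perception Point) that inspects a message's From header against a constructed list of trusted domains and VIP addresses: it flags homoglyph substitutions such as a digit 1 standing in for the letter l, domains within a couple of edits of a trusted one, a trusted domain used as a leading label of a longer domain, and a VIP's display name paired with an address that is not the VIP's. All domains and names in it are hypothetical sample data.

```python
"""Sender look-alike checks for an inbound message's From header (added example)."""
from email.utils import parseaddr

# Constructed sample data (hypothetical): domains this organisation trusts and the
# executives whose names attackers most often borrow for display-name spoofing.
TRUSTED_DOMAINS = {"example.com", "supplier-example.net"}
VIP_ADDRESSES = {"jane doe": "jane.doe@example.com"}

# Single characters commonly substituted for visually similar letters.
HOMOGLYPHS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s", "7": "t"})
MAX_EDITS = 2  # how far a domain may be from a trusted one before it is flagged


def normalize(domain: str) -> str:
    """Fold look-alike characters so 'examp1e.com' and 'example.com' compare equal."""
    folded = domain.lower().translate(HOMOGLYPHS)
    return folded.replace("rn", "m").replace("vv", "w")


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance (insert, delete and substitute each cost 1)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_sender(header_from: str) -> list:
    """Return a list of findings for a From header; an empty list means nothing looked off."""
    display_name, addr = parseaddr(header_from)
    _local, at, domain = addr.rpartition("@")
    domain = domain.lower()
    if not at or not domain:
        return ["From header could not be parsed"]
    findings = []

    # A VIP's name on an address that is not the VIP's known address is classic CEO fraud.
    expected = VIP_ADDRESSES.get(display_name.strip().lower())
    if expected and addr.lower() != expected:
        findings.append(f"display name '{display_name}' matches a VIP but address is {addr}")

    if domain in TRUSTED_DOMAINS:
        return findings

    # Compare the external domain against every trusted domain.
    for trusted in sorted(TRUSTED_DOMAINS):
        if normalize(domain) == normalize(trusted):
            findings.append(f"domain {domain} is a homoglyph look-alike of {trusted}")
        elif edit_distance(domain, trusted) <= MAX_EDITS:
            findings.append(f"domain {domain} is within {MAX_EDITS} edits of {trusted}")
        elif domain.startswith(trusted + "."):
            findings.append(f"domain {domain} uses {trusted} as a leading subdomain label")
    return findings


if __name__ == "__main__":
    # Constructed sample headers; none of these addresses are real.
    for header in (
        '"Jane Doe" <jane.doe@example.com>',
        '"Jane Doe" <jane.doe@examp1e.com>',
        "<billing@exampel.com>",
        "<ceo@example.com.mail-relay.test>",
        "<news@unrelated-vendor.test>",
    ):
        print(header, "->", classify_sender(header) or "no findings")
```

The homoglyph test runs before the edit-distance test so that a substituted digit is reported as what it is rather than as a generic near miss; the subdomain test catches the case where the trusted name is intact but is not the registrable domain. In production the trusted list would come from the address book or vendor master data rather than a constant.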

Unexpected Attachments or Links

BEC scams often involve unexpected attachments or links. For example, scammers might attach invoices or other paperwork to help convince finance personnel to release a payment. Always be wary of unexpected attachments or links, even if they appear to come from trusted sources.

Lack of Personalization

Scammers often send out mass emails to multiple recipients, which tend to lack personalization. If an email uses generic salutations or does not refer to specific details about your business relationship with the sender, it could be a BEC scam. Always be cautious of impersonal emails, particularly if they include suspicious requests or attachments.

Learn more in our detailed guide to BEC examples 

4 Ways to Prevent BEC Scams 

1. Strong Internal Control Processes

Implementing strong internal control processes is crucial in preventing BEC scams. These controls might include multiple approval levels for financial transactions, regular audits of financial activities, and clear communication protocols. By establishing robust internal control processes, you can minimize the risk of falling victim to BEC scams.

2. Email Authentication Protocols

Email authentication protocols like SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting & Conformance) can help protect your enterprise from BEC scams. These protocols let a receiving mail server verify that a message was actually sent on behalf of the domain in its sender address, reducing the risk of email spoofing. Note that they do not help when the message comes from a legitimate account that has been taken over, as in the account compromise and thread hijacking scams described above; in those cases the authentication checks pass. Implementing email authentication protocols is nevertheless a critical step towards safeguarding your enterprise from BEC scams.
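To make the mechanism concrete, here is an added example (not code from the original article or from Perception Point) that parses constructed SPF and DMARC TXT records, reports which SPF result applies to senders matching no listed mechanism (the weak `+all` beside the intended `-all`), and evaluates DMARC the way a receiver does: the message passes when SPF or DKIM passed for a domain aligned with the From domain, and the record's `p=` policy decides what happens otherwise. The record contents and domains are hypothetical, and the organisational-domain logic is deliberately simplified.

```python
"""Toy SPF/DMARC record checks and DMARC alignment evaluation (added example)."""


def parse_dmarc(record: str) -> dict:
    """Parse a 'tag=value; tag=value' DMARC TXT record into a dict of lower-case tags."""
    tags = {}
    for part in record.split(";"):
        key, sep, value = part.strip().partition("=")
        if sep:
            tags[key.strip().lower()] = value.strip()
    if tags.get("v") != "DMARC1":
        raise ValueError("not a DMARC record")
    return tags


def spf_all_qualifier(record: str) -> str:
    """Return the SPF result applied to any sender that matches no earlier mechanism.

    '-all' is the hardened setting; '+all' authorises the whole internet to send as the domain.
    """
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record")
    results = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
    for term in terms[1:]:
        qualifier = term[0] if term[0] in results else "+"
        if term.lstrip("+-~?").lower() == "all":
            return results[qualifier]
    return "neutral"  # RFC 7208: when no mechanism matches, the result is neutral


def org_domain(domain: str) -> str:
    """Organisational domain, simplified to the last two labels.

    Real evaluators consult the Public Suffix List; this shortcut mis-handles e.g. 'x.co.uk'.
    """
    return ".".join(domain.lower().rstrip(".").split(".")[-2:])


def aligned(from_domain: str, auth_domain: str, mode: str) -> bool:
    """DMARC identifier alignment: 's' (strict) needs an exact match, 'r' (relaxed) the same org domain."""
    if mode == "s":
        return from_domain.lower() == auth_domain.lower()
    return org_domain(from_domain) == org_domain(auth_domain)


def dmarc_evaluate(record, from_domain, spf_domain, spf_passed, dkim_domain, dkim_passed):
    """Combine the SPF and DKIM outcomes with the From domain and the published DMARC policy.

    spf_domain is the envelope-from (MAIL FROM) domain SPF was checked against;
    dkim_domain is the d= domain of a DKIM signature that verified.
    """
    tags = parse_dmarc(record)
    spf_aligned = bool(spf_passed and spf_domain and aligned(from_domain, spf_domain, tags.get("aspf", "r")))
    dkim_aligned = bool(dkim_passed and dkim_domain and aligned(from_domain, dkim_domain, tags.get("adkim", "r")))
    passed = spf_aligned or dkim_aligned
    policy = tags.get("p", "none")
    # p=none only monitors; quarantine and reject are enforced when the message fails.
    action = "accept" if passed or policy == "none" else policy
    return {"dmarc_pass": passed, "spf_aligned": spf_aligned,
            "dkim_aligned": dkim_aligned, "policy": policy, "action": action}


if __name__ == "__main__":
    # Constructed records and scenarios; example.com stands for the protected organisation.
    STRICT = "v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.com; adkim=s; aspf=s"
    print("weak SPF:", spf_all_qualifier("v=spf1 include:_spf.example.net +all"))
    print("hardened SPF:", spf_all_qualifier("v=spf1 include:_spf.example.net -all"))
    # Spoofed From: the attacker's own relay passes SPF for its own domain, but nothing aligns.
    print("spoofed:", dmarc_evaluate(STRICT, "example.com", "mail-relay.test", True, None, False))
    # Genuine mail from the organisation's own servers.
    print("genuine:", dmarc_evaluate(STRICT, "example.com", "example.com", True, None, False))
    # A compromised mailbox sends through the same servers and therefore also passes.
    print("compromised account:", dmarc_evaluate(STRICT, "example.com", "example.com", True, None, False))
```

The last two scenarios produce identical results, which is the limitation noted above: SPF, DKIM and DMARC authenticate the sending domain, not the person at the keyboard, so account compromise and thread hijacking have to be caught by the behavioural and process controls discussed elsewhere on this page.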

3. Advanced Email Security Tools

Advanced email security tools can effectively detect and block BEC scams. These tools use artificial intelligence and machine learning to analyze email content, sender’s behavior, and other factors to identify potential threats. They can also quarantine suspicious emails, preventing them from reaching the recipients’ inboxes. Investing in advanced email security tools is a strategic move towards a safer digital environment.

4. Employee Training and Awareness

Finally, employee training and awareness are essential in preventing BEC scams. By educating your employees about the nature of these scams and how to identify them, you can empower them to be your first line of defense. Regularly conduct cybersecurity training sessions, conduct BEC drills to test readiness, and encourage your employees to report any suspicious emails or requests.

Preventing BEC Scams with Perception Point

Perception Point’s Advanced Threat Detection is powered by a multi-layered platform that identifies and intercepts any content-borne cyberattack, leveraging patented dynamic and static technologies that rapidly scan all files, URLs, and free text. 

Perception Point’s Anti-BEC layer detects emails that do not necessarily include malicious files/URLs and provides protection of stakeholders and third-party assets. 

The Anti-BEC layer uses various technologies for identifying spoofing and validating authenticity of the sender, analyzing language and tone, and analyzing and monitoring communication patterns to detect suspicious behavior. The layer implements advanced behavioral analysis algorithms, using data science and AI/ML. 

Among the technologies that are used in this layer are VIP lists and name spoofing, domain spoofing protection, SPF, DKIM, DMARC checks, domain look-alike identification, lexical analysis, scoring mechanisms analyzing different vectors, automatic vendor learning, and more.

Learn more about Perception Point anti-BEC technology

What are the types of BEC attack scams?

1. CEO Fraud
2. Thread Hijacking
3. Invoice or Supplier Swindle
4. Account Compromise
5. Attorney Impersonation
6. Data Theft

How to identify BEC scams?

1. Unexpected Requests
2. Urgency and Pressure
3. Odd Email Addresses
4. Unexpected Attachments or Links
5. Lack of Personalization

What are the ways to prevent BEC scams?

1. Strong Internal Control Processes
2. Email Authentication Protocols
3. Advanced Email Security Tools
4. Employee Training and Awareness