{"id":20488,"date":"2022-02-07T12:57:55","date_gmt":"2022-02-07T12:57:55","guid":{"rendered":"https:\/\/easydmarc.com\/blog\/?p=20488"},"modified":"2023-04-27T14:40:58","modified_gmt":"2023-04-27T14:40:58","slug":"what-is-business-email-compromise-bec","status":"publish","type":"post","link":"https:\/\/easydmarc.com\/blog\/what-is-business-email-compromise-bec\/","title":{"rendered":"What is Business Email Compromise (BEC)?"},"content":{"rendered":"<p><b>Business email compromise<\/b><span style=\"font-weight: 400;\"> (or BEC for short) is a category of cyberattack that involves targeting, impersonating, or taking over business\u2019 email accounts. This type of attack has surged in popularity due to more businesses transitioning to a cloud-based infrastructure in recent years.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Such cloud-based networks are great for businesses but have notoriously weak security, especially considering how much access they give to a company\u2019s inner workings. Overall, they\u2019ve become major targets for hackers.<\/span><\/p>\n<p><b>A business email compromise<\/b><span style=\"font-weight: 400;\"> is a worldwide issue for small and large businesses alike. In total, BEC attacks have cost companies billions of dollars over the years. But they\u2019re not impossible to prepare for and prevent. Read on to learn how you can defend yourself and your business against <\/span><b>business email compromise attacks<\/b><span style=\"font-weight: 400;\">.<\/span><\/p>\n<h2><b>What is BEC?<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Before we go over prevention measures, let\u2019s explore the <\/span><b>business email compromise definition <\/b><span style=\"font-weight: 400;\">in depth. So, <\/span><b>what is BEC<\/b><span style=\"font-weight: 400;\">?&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">It\u2019s a social engineering attack that targets a victim in a company and sends a legitimate-seeming email that claims to be from a trusted source. The email typically requests money or information of some kind for a supposedly genuine reason. Upon closer inspection, it\u2019s usually apparent that the sender is not who they claim to be.<\/span><span style=\"font-weight: 400;\"><a href=\"https:\/\/www.youtube.com\/watch?v=DrTP-mokbM8\" target=\"_blank\" rel=\"noopener\"><code><\/code><\/a><\/span><\/p>\n<div style=\"text-align: center;\">\n<p><iframe title=\"YouTube video player\" src=\"https:\/\/www.youtube.com\/embed\/DrTP-mokbM8\" width=\"560\" height=\"315\" frameborder=\"0\" allowfullscreen=\"allowfullscreen\"><\/iframe><\/p>\n<\/div>\n<h2><b>How Does Business Email Compromise Work?<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">With the amount of damage that this type of scam has caused, the <\/span><a href=\"https:\/\/www.fbi.gov\/scams-and-safety\/common-scams-and-crimes\/business-email-compromise\"><span style=\"font-weight: 400;\">FBI<\/span><\/a><span style=\"font-weight: 400;\"> has investigated the matter extensively. They define five major categories for BEC attacks:<\/span><b><\/b><\/p>\n<ul>\n<li aria-level=\"1\"><b>Bogus Invoice Scheme: <\/b><span style=\"font-weight: 400;\">The attacker pretends to be one of the company\u2019s goods or services providers and sends an invoice to request funds to a false account.<\/span><\/li>\n<li aria-level=\"1\"><b>CEO Fraud: <\/b><span style=\"font-weight: 400;\">The attacker mimics an executive position in the company and sends an email to an individual employee requesting either information or funds.<\/span><\/li>\n<li aria-level=\"1\"><b>Account Compromise: <\/b><span style=\"font-weight: 400;\">The attacker manages to get hold of an employee\u2019s email account to request payments be made for various services into the attacker\u2019s false bank accounts.<\/span><\/li>\n<li aria-level=\"1\"><b>Attorney Impersonation: <\/b><span style=\"font-weight: 400;\">The attacker appears to be a legal representative and targets members of a company with low knowledge of the business\u2019s legal affairs. Once they\u2019ve established a false sense of authority, they make requests for funds or information.<\/span><\/li>\n<li aria-level=\"1\"><b>Data Theft:<\/b><span style=\"font-weight: 400;\"> Attackers target HR and other employees to attain sensitive data about the company or even personal information about higher-ups and executives. This information can be used against the company in the future.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">The above methods require some way for the attacker to take advantage of human error and acquire data. There are three common ways to do this:<\/span><b><\/b><\/p>\n<ul>\n<li aria-level=\"1\"><b>Official <a href=\"https:\/\/easydmarc.com\/blog\/what-is-domain-spoofing\/\">Domain Spoofing<\/a>:<\/b><span style=\"font-weight: 400;\"> The attacker creates a false site <\/span><a href=\"https:\/\/easydmarc.com\/blog\/business-email-compromise-bec-2021-cybersecurity-problem\/\"><span style=\"font-weight: 400;\">or email<\/span><\/a><span style=\"font-weight: 400;\"> account where the domain mirrors the official domain. This is then used to trick individuals into trusting them and following any demands.<\/span><\/li>\n<li aria-level=\"1\"><b>Lookalike Domain Spoofing: <\/b><span style=\"font-weight: 400;\">The attacker creates a domain with a typo or slight alteration of the official domain\u2019s name. Usually, this involves a fake website or email account that purposefully replicates the official version. The goal is to exploit employees who miss the small alteration to the domain.&nbsp;<\/span><\/li>\n<li aria-level=\"1\"><b>Compromised Accounts: <\/b><span style=\"font-weight: 400;\">The attacker gets hold of an official account and uses it to take advantage of any connections the individual has. Anyone who trusts that account is at risk, and the attacker exploits this to spread their scams.<\/span><\/li>\n<\/ul>\n<h3><b>Business Email Compromise Examples<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Now that we know the \u201chow\u201d of <\/span><b>BEC attacks<\/b><span style=\"font-weight: 400;\">, let\u2019s discuss a few real cases. Here are some known <\/span><b>business email compromise examples<\/b><span style=\"font-weight: 400;\"> from the last several years:<\/span><b><\/b><\/p>\n<ul>\n<li aria-level=\"1\"><b>Toyota, 2019: <\/b><span style=\"font-weight: 400;\">An attack that targeted Japan\u2019s Boshoku Corporation\u2019s CEO ended up costing the company $37 million due to a <\/span><a href=\"https:\/\/www.forbes.com\/sites\/leemathews\/2019\/09\/06\/toyota-parts-supplier-hit-by-37-million-email-scam\/?sh=1014fcc5856d\"><span style=\"font-weight: 400;\">false wire transfer scam<\/span><\/a><span style=\"font-weight: 400;\">.<\/span><\/li>\n<li aria-level=\"1\"><b>COVID-19 Health Organizations, 2020: <\/b><span style=\"font-weight: 400;\">When the public\u2019s desire for information on the pandemic rapidly began to soar, so too did scam opportunities. Using fake domains intended to resemble various trusted organizations like the World Health Organization, scammers spread malware and misinformation as efficiently as the disease itself.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Treasure Island Homeless Charity, 2021:<\/b><span style=\"font-weight: 400;\"> Attackers always look for weak links to exploit, and most charities lack cybercrime insurance. This San Francisco-based one wasn\u2019t an exception, either. Hackers <\/span><span style=\"font-weight: 400;\">got into the system<\/span><span style=\"font-weight: 400;\"> via a bookkeeper\u2019s email and initiated a month-long attack, resulting in losses of $625,000.<\/span><\/li>\n<\/ul>\n<h2><b>Why is BEC Effective?<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">While malware and viruses can be prevented and defended against, human error is a factor that all systems suffer from. <\/span><b>Business email compromise (BEC) attacks<\/b><span style=\"font-weight: 400;\"> take advantage of this component as much as possible.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Whether they target someone on the bottom of the corporate ladder or the very top, attackers are bound to find a mistake or slip somewhere. They exploit this to gain a foothold, acquire information, and even siphon funds from the company. The process is similar, whether it\u2019s a small five-person team or a several thousand-employee mega-corporation.<\/span><\/p>\n<h2><b>How to Avoid BEC Attacks<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Since BEC attacks prey on simple mistakes, there are steps you can take to avoid them. Here are a few tips to help you and your team prevent <\/span><b>business email compromise<\/b><span style=\"font-weight: 400;\">:<\/span><\/p>\n<h3><b>Don\u2019t Overshare on Social Media<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Always be mindful of what information you\u2019re sharing on social media. If an attacker is determined enough, they\u2019ll go digging. And they\u2019ll find details to use as hooks to further the attack.<\/span><\/p>\n<h3><b>Don\u2019t Rush into Taking Action, Especially if Pushed<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">A sense of urgency in emails and messages (<\/span><i><span style=\"font-weight: 400;\">especially<\/span><\/i><span style=\"font-weight: 400;\"> from sources you don\u2019t trust\/recognize) should always be taken with a grain of salt. What\u2019s the hurry? If their reason for rushing you into action is vague or sounds suspicious, don\u2019t fall for any demands. Take your time, and don\u2019t make rash decisions just because an email sounds frantic.<\/span><\/p>\n<h3><b>Verify the Sender, the Address, the URL, etc.<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">This one requires a careful eye. Take extreme caution in ensuring and double-checking the validity of any URLs, domains, senders, etc. You can talk to the sender over the phone, check the links for any typos and make sure the email address is on your contact list.<\/span><\/p>\n<h3><b>Set Up Two or Multifactor Authentication<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">While most people groan and roll their eyes at any prompt for you to upgrade your account\u2019s security with multi-step verification, it really is a good idea. Simply put, it\u2019s another added layer of protection that\u2019ll keep attackers from preying on your account.<\/span><\/p>\n<h3><b>Label External Emails<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Be cautious of any emails that aren\u2019t in your contacts or business\u2019 directories. Always scrutinize first-time emailers before opening or interacting with anything they send.<\/span><\/p>\n<h3><b>Verify Requests in Person Even if They&#8217;re from the Bosses<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">Requests and demands (especially those dealing in information or transactions) should be verified person-to-person. Don\u2019t take a friendly message from the \u201cboss\u201d at face value. Confirm that they are the official sender.<\/span><\/p>\n<h3><b>Implement DMARC and Anti-Phishing Protection<\/b><\/h3>\n<p><span style=\"font-weight: 400;\">DMARC (or domain-based message authentication) and other anti-phishing protocols have become vital to reduce incoming BEC attempts on any employees in the workplace. Such security measures greatly reduce the chance of human error that creates cracks in a system\u2019s security. That\u2019s why businesses massively benefit from implementing protocols like DMARC.<\/span><\/p>\n<h2><b>Final Thoughts<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">While systems can be compromised from common human mistakes that anyone can make, there are plenty of ways to prevent and defend against BEC scams. Be cautious and make sure that all team members keep their wits about them online.&nbsp;<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Always verify email accounts, first-time emailers, and URLs, and don\u2019t rush into rash decisions. Confirm important requests in person and set up two- or multi-factor verification. Lastly, implement security measures like DMARC to reduce BEC attacks and help keep your organization and employees safe.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Business email compromise (or BEC for short) is &#8230;<\/p>\n","protected":false},"author":5,"featured_media":20489,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[204,290,199,289],"tags":[],"class_list":["post-20488","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","category-cyberattacks-cyberthreats","category-cybersecurity","category-social-engineering"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>What is Business Email Compromise (BEC)? | EasyDMARC<\/title>\n<meta name=\"description\" content=\"Business email compromise (or BEC) impersonates or takes over business email accounts. Learn why it&#039;s effective and how to avoid it.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/easydmarc.com\/blog\/what-is-business-email-compromise-bec\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What is Business Email Compromise (BEC)?\" \/>\n<meta property=\"og:description\" content=\"Business email compromise (or BEC) impersonates or takes over business email accounts. Learn why it&#039;s effective and how to avoid it.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/easydmarc.com\/blog\/what-is-business-email-compromise-bec\/\" \/>\n<meta property=\"og:site_name\" content=\"EasyDMARC\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/EasyDMARC\/\" \/>\n<meta property=\"article:published_time\" content=\"2022-02-07T12:57:55+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-04-27T14:40:58+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2022\/02\/08.02-What-is-Business-Email-Compromise-BEC_.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1440\" \/>\n\t<meta property=\"og:image:height\" content=\"910\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Hasmik Khachunts\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@easydmarc\" \/>\n<meta name=\"twitter:site\" content=\"@easydmarc\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Hasmik Khachunts\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-business-email-compromise-bec\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-business-email-compromise-bec\\\/\"},\"author\":{\"name\":\"Hasmik Khachunts\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#\\\/schema\\\/person\\\/1ee4f162a98bccc5ff8b6fefdfaf245c\"},\"headline\":\"What is Business Email Compromise (BEC)?\",\"datePublished\":\"2022-02-07T12:57:55+00:00\",\"dateModified\":\"2023-04-27T14:40:58+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-business-email-compromise-bec\\\/\"},\"wordCount\":1275,\"publisher\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-business-email-compromise-bec\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/02\\\/08.02-What-is-Business-Email-Compromise-BEC_.jpg\",\"articleSection\":[\"Blog\",\"Cyberattacks and Cyberthreats\",\"Cybersecurity\",\"Social Engineering\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-business-email-compromise-bec\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-business-email-compromise-bec\\\/\",\"url\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-business-email-compromise-bec\\\/\",\"name\":\"What is Business Email Compromise (BEC)? | EasyDMARC\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-business-email-compromise-bec\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-business-email-compromise-bec\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/02\\\/08.02-What-is-Business-Email-Compromise-BEC_.jpg\",\"datePublished\":\"2022-02-07T12:57:55+00:00\",\"dateModified\":\"2023-04-27T14:40:58+00:00\",\"description\":\"Business email compromise (or BEC) impersonates or takes over business email accounts. Learn why it's effective and how to avoid it.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-business-email-compromise-bec\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-business-email-compromise-bec\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-business-email-compromise-bec\\\/#primaryimage\",\"url\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/02\\\/08.02-What-is-Business-Email-Compromise-BEC_.jpg\",\"contentUrl\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/02\\\/08.02-What-is-Business-Email-Compromise-BEC_.jpg\",\"width\":1440,\"height\":910,\"caption\":\"08.02 What is Business Email Compromise BEC\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/what-is-business-email-compromise-bec\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/easydmarc.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Blog\",\"item\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/category\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Cybersecurity\",\"item\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/category\\\/blog\\\/cybersecurity\\\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Cyberattacks and Cyberthreats\",\"item\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/category\\\/blog\\\/cybersecurity\\\/cyberattacks-cyberthreats\\\/\"},{\"@type\":\"ListItem\",\"position\":5,\"name\":\"Social Engineering\",\"item\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/category\\\/blog\\\/cybersecurity\\\/cyberattacks-cyberthreats\\\/social-engineering\\\/\"},{\"@type\":\"ListItem\",\"position\":6,\"name\":\"What is Business Email Compromise (BEC)?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/\",\"name\":\"EasyDMARC\",\"description\":\"Blog\",\"publisher\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/#organization\",\"name\":\"EasyDMARC\",\"url\":\"https:\\\/\\\/easydmarc.com\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"url\":\"https:\\\/\\\/easydmarc.com\\\/img\\\/logo.png\"},\"image\":{\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/EasyDMARC\\\/\",\"https:\\\/\\\/x.com\\\/easydmarc\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/easydmarc\\\/mycompany\\\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/#\\\/schema\\\/person\\\/1ee4f162a98bccc5ff8b6fefdfaf245c\",\"name\":\"Hasmik Khachunts\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/556e30ecef3fde7f1400ab37fa210642b14cd1a6cf57ae3d669996eb5324fc9e?s=96&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/556e30ecef3fde7f1400ab37fa210642b14cd1a6cf57ae3d669996eb5324fc9e?s=96&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/556e30ecef3fde7f1400ab37fa210642b14cd1a6cf57ae3d669996eb5324fc9e?s=96&r=g\",\"caption\":\"Hasmik Khachunts\"},\"url\":\"https:\\\/\\\/easydmarc.com\\\/blog\\\/author\\\/hasmik\\\/\"}]}<\/script>\n<meta property=\"og:video\" content=\"https:\/\/www.youtube.com\/embed\/DrTP-mokbM8\" \/>\n<meta property=\"og:video:type\" content=\"text\/html\" \/>\n<meta property=\"og:video:duration\" content=\"129\" \/>\n<meta property=\"og:video:width\" content=\"480\" \/>\n<meta property=\"og:video:height\" content=\"270\" \/>\n<meta property=\"ya:ovs:adult\" content=\"false\" \/>\n<meta property=\"ya:ovs:upload_date\" content=\"2022-02-07T12:57:55+00:00\" \/>\n<meta property=\"ya:ovs:allow_embed\" content=\"true\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"What is Business Email Compromise (BEC)? | EasyDMARC","description":"Business email compromise (or BEC) impersonates or takes over business email accounts. Learn why it's effective and how to avoid it.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/easydmarc.com\/blog\/what-is-business-email-compromise-bec\/","og_locale":"en_US","og_type":"article","og_title":"What is Business Email Compromise (BEC)?","og_description":"Business email compromise (or BEC) impersonates or takes over business email accounts. Learn why it's effective and how to avoid it.","og_url":"https:\/\/easydmarc.com\/blog\/what-is-business-email-compromise-bec\/","og_site_name":"EasyDMARC","article_publisher":"https:\/\/www.facebook.com\/EasyDMARC\/","article_published_time":"2022-02-07T12:57:55+00:00","article_modified_time":"2023-04-27T14:40:58+00:00","og_image":[{"width":1440,"height":910,"url":"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2022\/02\/08.02-What-is-Business-Email-Compromise-BEC_.jpg","type":"image\/jpeg"}],"author":"Hasmik Khachunts","twitter_card":"summary_large_image","twitter_creator":"@easydmarc","twitter_site":"@easydmarc","twitter_misc":{"Written by":"Hasmik Khachunts","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/easydmarc.com\/blog\/what-is-business-email-compromise-bec\/#article","isPartOf":{"@id":"https:\/\/easydmarc.com\/blog\/what-is-business-email-compromise-bec\/"},"author":{"name":"Hasmik Khachunts","@id":"https:\/\/easydmarc.com\/blog\/#\/schema\/person\/1ee4f162a98bccc5ff8b6fefdfaf245c"},"headline":"What is Business Email Compromise (BEC)?","datePublished":"2022-02-07T12:57:55+00:00","dateModified":"2023-04-27T14:40:58+00:00","mainEntityOfPage":{"@id":"https:\/\/easydmarc.com\/blog\/what-is-business-email-compromise-bec\/"},"wordCount":1275,"publisher":{"@id":"https:\/\/easydmarc.com\/blog\/#organization"},"image":{"@id":"https:\/\/easydmarc.com\/blog\/what-is-business-email-compromise-bec\/#primaryimage"},"thumbnailUrl":"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2022\/02\/08.02-What-is-Business-Email-Compromise-BEC_.jpg","articleSection":["Blog","Cyberattacks and Cyberthreats","Cybersecurity","Social Engineering"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/easydmarc.com\/blog\/what-is-business-email-compromise-bec\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/easydmarc.com\/blog\/what-is-business-email-compromise-bec\/","url":"https:\/\/easydmarc.com\/blog\/what-is-business-email-compromise-bec\/","name":"What is Business Email Compromise (BEC)? | EasyDMARC","isPartOf":{"@id":"https:\/\/easydmarc.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/easydmarc.com\/blog\/what-is-business-email-compromise-bec\/#primaryimage"},"image":{"@id":"https:\/\/easydmarc.com\/blog\/what-is-business-email-compromise-bec\/#primaryimage"},"thumbnailUrl":"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2022\/02\/08.02-What-is-Business-Email-Compromise-BEC_.jpg","datePublished":"2022-02-07T12:57:55+00:00","dateModified":"2023-04-27T14:40:58+00:00","description":"Business email compromise (or BEC) impersonates or takes over business email accounts. Learn why it's effective and how to avoid it.","breadcrumb":{"@id":"https:\/\/easydmarc.com\/blog\/what-is-business-email-compromise-bec\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/easydmarc.com\/blog\/what-is-business-email-compromise-bec\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/easydmarc.com\/blog\/what-is-business-email-compromise-bec\/#primaryimage","url":"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2022\/02\/08.02-What-is-Business-Email-Compromise-BEC_.jpg","contentUrl":"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2022\/02\/08.02-What-is-Business-Email-Compromise-BEC_.jpg","width":1440,"height":910,"caption":"08.02 What is Business Email Compromise BEC"},{"@type":"BreadcrumbList","@id":"https:\/\/easydmarc.com\/blog\/what-is-business-email-compromise-bec\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/easydmarc.com\/"},{"@type":"ListItem","position":2,"name":"Blog","item":"https:\/\/easydmarc.com\/blog\/category\/blog\/"},{"@type":"ListItem","position":3,"name":"Cybersecurity","item":"https:\/\/easydmarc.com\/blog\/category\/blog\/cybersecurity\/"},{"@type":"ListItem","position":4,"name":"Cyberattacks and Cyberthreats","item":"https:\/\/easydmarc.com\/blog\/category\/blog\/cybersecurity\/cyberattacks-cyberthreats\/"},{"@type":"ListItem","position":5,"name":"Social Engineering","item":"https:\/\/easydmarc.com\/blog\/category\/blog\/cybersecurity\/cyberattacks-cyberthreats\/social-engineering\/"},{"@type":"ListItem","position":6,"name":"What is Business Email Compromise (BEC)?"}]},{"@type":"WebSite","@id":"https:\/\/easydmarc.com\/blog\/#website","url":"https:\/\/easydmarc.com\/blog\/","name":"EasyDMARC","description":"Blog","publisher":{"@id":"https:\/\/easydmarc.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/easydmarc.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/easydmarc.com\/#organization","name":"EasyDMARC","url":"https:\/\/easydmarc.com\/","logo":{"@type":"ImageObject","url":"https:\/\/easydmarc.com\/img\/logo.png"},"image":{"@id":"https:\/\/easydmarc.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/EasyDMARC\/","https:\/\/x.com\/easydmarc","https:\/\/www.linkedin.com\/company\/easydmarc\/mycompany\/"]},{"@type":"Person","@id":"https:\/\/easydmarc.com\/blog\/#\/schema\/person\/1ee4f162a98bccc5ff8b6fefdfaf245c","name":"Hasmik Khachunts","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/556e30ecef3fde7f1400ab37fa210642b14cd1a6cf57ae3d669996eb5324fc9e?s=96&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/556e30ecef3fde7f1400ab37fa210642b14cd1a6cf57ae3d669996eb5324fc9e?s=96&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/556e30ecef3fde7f1400ab37fa210642b14cd1a6cf57ae3d669996eb5324fc9e?s=96&r=g","caption":"Hasmik Khachunts"},"url":"https:\/\/easydmarc.com\/blog\/author\/hasmik\/"}]},"og_video":"https:\/\/www.youtube.com\/embed\/DrTP-mokbM8","og_video_type":"text\/html","og_video_duration":"129","og_video_width":"480","og_video_height":"270","ya_ovs_adult":"false","ya_ovs_upload_date":"2022-02-07T12:57:55+00:00","ya_ovs_allow_embed":"true"},"jetpack_featured_media_url":"https:\/\/easydmarc.com\/blog\/wp-content\/uploads\/2022\/02\/08.02-What-is-Business-Email-Compromise-BEC_.jpg","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/posts\/20488","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/comments?post=20488"}],"version-history":[{"count":0,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/posts\/20488\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/media\/20489"}],"wp:attachment":[{"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/media?parent=20488"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/categories?post=20488"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/easydmarc.com\/blog\/wp-json\/wp\/v2\/tags?post=20488"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}