It’s not hard to see why BEC works. Requests from the appropriate person, requests for wire transfers or sensitive employee information may be part of a normal workday. But when those requests come from someone else, it can be a costly case of mistaken identity.
The trouble is, telling the difference between authentic emails and an impostor’s scam is not always easy.
That’s because BEC attacks exploit the very qualities that make people who they are and keep society and business humming along. BEC scammers take advantage of human psychology and business processes to trick your users into wiring money, rerouting paycheck and payments, sending sensitive information and more.
Email account compromise (EAC) is a close relative of BEC. But instead of merely trying to impersonate someone the user trusts with a lookalike account, EAC attackers hijack the trusted person’s actual account.
It’s no wonder BEC scams have stolen billions of dollars from victims already—and the pace is accelerating. Here are some of the biggest, boldest and most brazen scams reported in recent months.