What is business email compromise?
Business email compromise attacks are impersonation scams: Hackers create emails impersonating a senior executive of the company or one of its business partners in an effort to steal money. Sometimes, it involves the compromise of a legitimate business email account but often it’s accomplished through social engineering: By convincingly masquerading as a CEO, for example, in an email that tells an accounting employee to wire money to a supplier — but to a bank account controlled by the hacker. In another type of BEC attack, hackers intercept emails from suppliers and substitute their own account numbers for the supplier’s.